I wrote a blog post about the recent onslaught of Zendesk spam emails and how a design flaw in its Anonymous Authentication feature was exploited.