Using the allowlist and blocklist to control access to Zendesk Support

Return to top
Have more questions? Submit a request

97 Comments

  • William Braun

    Is it possible to black list an entire top-level domain (.e.g *.ru)?

    This would help significantly with our suspended tickets (spam) coming from Eastern European countries.

    1
  • Devan - Community Manager
    Zendesk Community Team

    Hello William,

    You cannot blacklist TLDs by themselves. You need at least the second level domain attached to it, as well. Blacklisting mail.ru, for instance, would save you a good deal of trouble, but .ru by itself won't take.

    As far as other ways to mitigate things, you can set up an automation to remove the tickets that already exist if they have some commonality between them, like a string of words in the comment text. Take a look at the following for more info on that:

    https://support.zendesk.com/hc/en-us/articles/360001481448-How-can-I-bulk-delete-spam-tickets-in-Zendesk-

    Additionally, you can try adding DKIM authentication to your instance to add some  security to your instance:


    Lastly, the notify requester of received request trigger has a placeholder in it -- I might suggest removing that, as it provides a clickable link for the spammers to loop off of.

    Give those a shot and let me know if you have any further questions.

    Best regards.

    0
  • Lucinda Bianchi

    Hi there, I've just put the * in our blocklist and put our clients domains in allow but when I tested raising a ticket from my personal email (not one of the allowed domains), the ticket was still raised. Is there something else I'm missing?

    Any thoughts on how to resolve?

    0
  • Kay
    Community Moderator

    Lucinda Bianchi I've had this happen once (pretty long time ago though), and it took 1 hour to actually have it active. Maybe that is also the case. Let me know if that is the case.. If not could you share a screenshot of your blocklist and allowlist (with part of the domains blurred)?

    0
  • Lucinda Bianchi

    Thanks Kay you were right, it was activated by the morning, I just needed a little patience ;)

    0
  • Jamie Noell

    I am familiar with the 20 messages per email address limit, but I have heard that if we whitelist a specific email address, that will increase the limit within an hour per email address. 

    - Can you please confirm that feature?

    - What happens after the increased limit?  Account suspended for an hour? Suspended tickets?

    0
  • Sean Cusick
    Zendesk team member

    Hi Jamie, Once a sender exceeds both our acceptance and suspension rates then their emails will be rejected. Our email channel currently does not support integrations with automated email senders, (mentioned in our Suspended Tickets article: "The sender is not a person"). The API is the channel that is best suited for all automated traffic. The current supported limits for email acceptance are 20 per hour, per human sender, another 20 emails from that same sender will become suspended, after that we reject further submissions. We may limit the acceptance of any email traffic that we detect is automated or in any way dangerous, as in the possible creation of an email loop, whether the address is allowlisted or not. If you have any further questions please open a ticket with us to discuss your specific needs. 

    0

Please sign in to leave a comment.

Powered by Zendesk