You can control access to your Zendesk based on your end-users' email addresses; either accepting or rejecting their attempts to register as a user in Zendesk Support or to submit support requests. You do this using the whitelist and blacklist. The whitelist can be used to allow access to everyone or just specific email addresses and domains. The blacklist, used with the whitelist, prevents access to all users who have not been added to the whitelist or specific users by email addresses and domains.
Email received from blacklisted users' domains and email addresses can be immediately routed into the suspended email queue or completely rejected, preventing tickets and accounts from being created. If you have set up user mapping, any email domains you add to the whitelist will automatically be included (see Automatically adding users to organizations based on their email domains).
The whitelist and blacklist are end-user settings.
In this example, the whitelist contains the MondoCam corporate domain. All email originating from this domain (including subdomains) are accepted. The blacklist is then used to declare that all other email is not users are blocked. This is done by adding an asterisk (*), which is a wildcard that blacklists (suspends) everything, meaning that all users will be blocked and prevented from creating and authenticating accounts. All email not received from the mondocamcorp.com domain is sent to the suspended tickets queue.
You can however also reject users' email, meaning that it will not be added to the suspended tickets queue. There will be no record of the email in your Zendesk.
If you've configured Zendesk Support to accept requests from anyone, you can use the blacklist to filter out specific unwelcome users' email domains and addresses, such as spam.
To edit your whitelist and blacklist settings
- Click the Admin icon () in the sidebar, then select Settings > Customers.
- Enter your whitelist and blacklist settings (see examples below).
- Click Save tab.
Whitelist and blacklist usage examples
The whitelist and blacklist are used together to create rules for accepting, suspending, and rejecting users' email. Aside from the asterisk (*), which suspends all users', you can use the reject keyword to make the email bypass the suspended tickets queue and get deleted. However, note that reject only affects email and doesn't prevent users from creating an account in your Zendesk. The whitelist will automatically override the blacklist.
Approve a domain, suspend all others
This example whitelists one user's domain and suspends all others.
whitelist: mondocamcorp.com blacklist: *
You can also add more than one user's domain or email address to the whitelist. Separate each with a space.
whitelist: mondocamcorp.com mondocam.com mondostore.com blacklist: *
Approve a domain, but suspend specific email addresses within it
whitelist: gmail.com blacklist: * suspend:firstname.lastname@example.org
Using this method, you can suspend specific email addresses from a domain that you have approved in the whitelist.
Approve a domain, but reject specific email addresses and domains within it
whitelist: gmail.com blacklist: * reject:email@example.com
This example also shows that you can add multiple email addresses and domains to the blacklist.
Approve all, but reject specific email addresses and domains
You can also leave the whitelist empty, meaning that all users are accepted, and then make exceptions for specific user's email addresses and domains.
whitelist: blacklist: reject:firstname.lastname@example.org reject:megaspam.com
Marking tickets as spam and suspending users
If email somehow makes it through the spam filter and your blacklist and tickets and new user accounts are created, you have two options for purging your Zendesk of both.
One of the ticket update options is Mark as spam and suspend user, which deletes the ticket and suspends the ticket requester. You can also select a user's account and suspend their access. For more information, see Suspending a user in the Zendesk Agent Guide.
A note about blacklisting people who have been CC'd on tickets
If you blacklist a user that has already been added to tickets as a CC, please note that blacklisting the user's email address will not remove themfrom those existing tickets. Also be aware that it is possible for agents to add blacklisted email addresses as CCs to new tickets.