Using the whitelist and blacklist to control access to Zendesk Support

Have more questions? Submit a request

83 Comments

  • Damian Wallace
    Comment actions Permalink

    Plus one vote for actually supporting multiple Brands properly.  We are struggling with having email work properly across brands as well.  We have free, SMB and Enterprise brands.  We can't seem to create a proper experience for each because everything is per account rather than per brand as it should be, and not having an API for this feature as well is amazing disappointing.  

    0
  • Nicole - Community Manager
    Comment actions Permalink

    Thanks for the feedback, Damian. I've asked one of our product managers to read through the comments in this thread.

    0
  • Martynas Majeris
    Comment actions Permalink

    Seems like having "reject:somedomain.com" in blacklist does not make emails from that domain skip suspended queue anymore.

    0
  • Louis Evangelista
    Comment actions Permalink

    I have two questions. First, where do you see rejected emails? Second, I want one of my support email support1@test.com to accept emails from gmail.com, however my second support email support2@test.com to reject emails from gmail.com.

     

    Is this possible? Looking at the comments this seems to be a multibrand request that is not supported.

    0
  • Lijun Wu
    Comment actions Permalink

    Is the Regex working within the blacklist now? Any update on this?

    0
  • Brett - Community Manager
    Comment actions Permalink

    @Martynas it looks like there was a fix deployed recently that addresses this issue. Can you confirm on your end?

    @Louis, when using reject there will be no record within Zendesk to track these emails. As for setting up separate blacklisting rules, I'm afraid this cannot be done. This setting is account wide and not specific to support addresses. You may need to set up a rule on your email provider side to account for this.

    @Lijun see my response to Martynas above. If you still don't see emails being rejected and showing in the suspended tickets view let me know!

    1
  • Martynas Majeris
    Comment actions Permalink

    @Brett I haven't had any new occurrences in Suspended queue since the fix was put in place. Still keeping an eye out, but it looks like it was fixed. Thanks!

    1
  • Brett - Community Manager
    Comment actions Permalink

    Glad to hear it Martynas :)

    0
  • Gasper Jubani
    Comment actions Permalink

    Hi, I am trying to whitelist all noreply emails. Would this rule do anything? I am afraid to try because of the wildcard on it.

    0
  • JamesTrazzera
    Comment actions Permalink

    Hi there,
    Is there a way to ONLY suspend a ticket IF the sender or sender domain is in the Block List?

    0
  • Brett - Community Manager
    Comment actions Permalink

    Hi James,

    Surrounding ticket suspension, unfortunately, there aren’t any “exceptions” that we can make for our filters so that only emails in the blacklist field are suspended. If there are legitimate emails being sent to your suspended tickets view, you'll want to take a look at the cause of suspension as mentioned in the article I've attached.

    Let us know if you have any other questions.

    0
  • Colum Wedel
    Comment actions Permalink

    Hello,

    We have "Anybody can submit tickets" disabled because we are running a closed email-only support desk. The idea is to only make tickets for end users we have registered manually. We register the end users and they email us.

    Is it possible to notify a requester that their email has been suspended?

    We can only accept tickets from nominated individuals. However, we want to inform others who may send requests to our support email address that they can reach us through a nominated individual in their organisation, rather than give them no indication that they are unregistered and that their message was suspended.

    Any advice?

    0
  • Rich Lorenzo
    Comment actions Permalink

    @Colum I had a Zendesk setup like that a while back. What I would recommend is to add a tag to the nominated end-user profiles. Maybe something like "nominated" :)

    Then you can set a trigger to respond with an auto-reply when a ticket is created and doesn't have the "nominated" tag which should be inherited from the end-user tag and onto every ticket created by a nominated individual.

    You can set the Status to Closed in the auto-reply trigger and maybe add a tag like "auto-closed" so that you can setup a view to monitor those tickets. And include message body saying something like "Ask your org's nominated member" and put something very clear in the subject line of the auto reply that says something like "NOT AUTHORIZED -- Please Read" (or something a bit softer if you prefer).

    0
  • PenN
    Comment actions Permalink

    I have added "rejected:spam.com" [spam=the domain name] in the blacklist field and click save, but I'm still receiving emails from them.

    Any advice?

    1
  • James Molina
    Comment actions Permalink

    Add another vote for white/ blacklisting with multiple Brands

    0
  • Felicia Cantua
    Comment actions Permalink

    @PenN I'm having the same issue. I recently rejected a new domain and am still receiving emails from them in our queues. I already submitted a ticket to inquire about it, I'd recommend you do the same.

    0
  • Leonardo
    Comment actions Permalink

    Can I use regex on the black list? For example I want to blacklist any email that has 10 digits email address and are from spammer.com domain. For example qwertyuiop@spammer.com or 1234567890@spammer.com

    0
  • Brett - Community Manager
    Comment actions Permalink

    Hey Leonardo,

    I was able to check with our internal team and it looks like the blacklist field is string only. You wouldn't be able to use regex in this case. You could blacklist the domain as a whole using suspend:qq.com or reject:qq.com but that may not be the exact solution you're looking for.

    Let me know if you have any other questions.

    Cheers!

    0
  • Helder
    Comment actions Permalink

    In the view "suspended tickets", when we push the button "recover automatically", is that email automatically added to the white-list?
    In other words, after "recover automatically" will future email from that domain end up in the "suspended tickets" view?

    0
  • Brett - Community Manager
    Comment actions Permalink

    Hey Helder,

    Once you select recover automatically this will train the spam filter to generate these tickets instead of sending them to the suspended tickets view. You may need to select this option a couple of times to train the spam filter but that should resolve the issue of legitimate tickets going to the suspended view.

    Let me know if you have any other questions.

    Cheers!

    0
  • Carlos Posadas
    Comment actions Permalink

    Looks like spam filter does not apply to tickets created  Via Mobile SDK (web widget with answer bot).  

     

    Added reject:qq.com to blacklist, however, spam tickets are created regardless.  Any ideas on how to resolve this?

     

    1
  • Nick
    Comment actions Permalink

    Got the same issue like Carlos, spam from qq domain via mobile SDK, but qq.com is blacklisted.

    More than that - mobile SDK is not active, so i can't do anything with this. So, is any way to resolve this?

    0
  • Ryan
    Comment actions Permalink

    Hey Nick and Carlos Posadas,

    In general to remove all incentive from spammers targeting your account, we recommend changing your triggers to not relay the original message back to the requester on ticket creation (the spammers are using their target's email as requester, then sending their message to them by way of your trigger).

    More details can be found here:
    https://support.zendesk.com/hc/en-us/articles/360025895613-Combating-spam-submitted-via-web-service- 


    If you have any questions about the above, please write into Support, and our advocates may be able to assist you further.


    ----
    As for the Mobile SDK bit in general -- The "Via" is just a cosmetic change to the ticket itself (left open for various integrations and customizations on your side, to denote your ticket how you would like). This spam is still likely coming through the API, so the above article should be useful.

    0

Please sign in to leave a comment.

Powered by Zendesk