You can control access to your Zendesk by adding end-users' email addresses and domains to your blacklist and whitelist. Using the blacklist, you can prevent specific or all users from registering and submitting support requests, or you can allow specific or all users to access your Zendesk and submit support requests, using the whitelist.
) > Settings > Customers.This article contains the following sections:
About the blacklist and whitelist
The blacklist and whitelist can help you create rules for accepting, suspending, and rejecting user's email. Any email that is suspended because of the blacklist will be added to the suspended queue and flagged. If you have set up user mapping, any email domains you add to the whitelist will automatically be included (see Automatically adding users to organizations based on their email domains).
Your whitelist will automatically override your blacklist. For example, if you blacklisted a specific domain, but whitelisted a user with that email domain, they will be given access.
Depending on how your Zendesk is set up, you can use the blacklist and whitelist to apply additional settings to control who can access your Zendesk. If your Zendesk permits anyone to submit tickets, such as in open support type, you can use the blacklist to filter out spam email addresses and domains (see Suspending a user in the Zendesk Agent Guide). If you require users to register, you can use the blacklist, so only approved email address and domains can submit support requests and authenticate accounts.
The blacklist and whitelist feature contains rules you can combine to easily restrict access. See the section below for a list of the available blacklist and whitelist rules.
Setting your blacklist and whitelist
- You can enter up to 10,000 characters (maximum) in the whitelist and blacklist fields.
- To permit all users to access your Zendesk, except those added to the blacklist, leave the whitelist blank.
- To suspend all users, except for those added to the whitelist, add a wildcard(*) in your blacklist.
Important: The wildcard will send tickets from every user not added to the whitelist to the suspended tickets queue and prevents them from creating and authenticating accounts.
- To send support request from specific users to the suspended tickets queue, enter the keyword
suspendin front of an email address or domain in your blacklist. This is identical to blacklisting without a keyword. - To block or allow an entire email domain, do not include the "@" symbol. An email domain will not be successfully added to the whitelist or blacklist with "@".
- To completely block support requests from specific users, enter the keyword
reject:in front of an email address or domain list in the blacklist. Tickets will not be added to the suspended tickets queue and there will be no record of the ticket in your Zendesk.
reject: only applies to support requests and doesn't prevent users from creating an account in your Zendesk.To edit your blacklist and whitelist
- Click the Admin icon () in the sidebar, then select Settings > Customers.
- Enter your whitelist and blacklist settings. You can view some of the common blacklist and whitelist examples in the section below. If you are adding multiple email addresses or domains, separate with a space.
- Click Save tab.
Whitelist and blacklist usage examples
You can use a combinations of the blacklist and whitelist rules to ensure you are permitting access or blocking the correct users. This section contains some usage examples you can replicate for your own Zendesk.
Approve a domain, suspend all other users
You can allow specific domains access to your Zendesk by adding the domain in the whitelist and suspend all users with a different email domain by adding a wildcard (*) in the blacklist. In the example below, only email from the domain mondocampcorp.com will be permitted access.
whitelist: mondocamcorp.com blacklist: *
If you want to allow more than one domain access, you can enter multiple domains separated by a space. In the example below email from the domains mondocamcorp, comdocam, and mondostore are permitted and all other users will be suspended.
whitelist: mondocamcorp.com mondocam.com mondostore.com blacklist: *
Approve a domain, but suspend specific email addresses with the domain
You can prevent a specific email address with a whitelisted domain from accessing your Zendesk by using the suspend keyword.
whitelist: gmail.com blacklist: * suspend:randomspammer@gmail.com
Approve a domain, but reject specific email addresses and domains within it
Similar to the previous example, you can block specific email addresses from using a whitelisted domain by entering their email address in the blacklist. You can use the reject: keyword to prevent a user's tickets from being adding to your Zendesk at all.
In the example below, only email from gmail.com is accepted. All tickets from other email domains are sent to the suspended tickets cue, except for the email address randomspammer@gmail.com. Email from randomspammer@gmail.com will be rejected completely, and the ticket will not be recorded in your Zendesk.
whitelist: gmail.com blacklist: * reject:randomspammer@gmail.com
Approve all, but reject specific email addresses and domains
Unlike the examples above, you also have the option of allowing all users to register, except for specific email address and domains. To allow all users to register, you can leave the whitelist blank, then enter any blacklisted users.
In the example below, everyone can access your Zendesk, except for randomspammer@gmail.com and megaspam.com. Since the reject: keyword is used, all email from those accounts will be blocked completely and the ticket will not be recorded in your Zendesk.
whitelist: blacklist: reject:randomspammer@gmail.com reject:megaspam.com
76 Comments
Plus one vote for actually supporting multiple Brands properly. We are struggling with having email work properly across brands as well. We have free, SMB and Enterprise brands. We can't seem to create a proper experience for each because everything is per account rather than per brand as it should be, and not having an API for this feature as well is amazing disappointing.
Thanks for the feedback, Damian. I've asked one of our product managers to read through the comments in this thread.
Seems like having "reject:somedomain.com" in blacklist does not make emails from that domain skip suspended queue anymore.
I have two questions. First, where do you see rejected emails? Second, I want one of my support email support1@test.com to accept emails from gmail.com, however my second support email support2@test.com to reject emails from gmail.com.
Is this possible? Looking at the comments this seems to be a multibrand request that is not supported.
Is the Regex working within the blacklist now? Any update on this?
@Martynas it looks like there was a fix deployed recently that addresses this issue. Can you confirm on your end?
@Louis, when using reject there will be no record within Zendesk to track these emails. As for setting up separate blacklisting rules, I'm afraid this cannot be done. This setting is account wide and not specific to support addresses. You may need to set up a rule on your email provider side to account for this.
@Lijun see my response to Martynas above. If you still don't see emails being rejected and showing in the suspended tickets view let me know!
@Brett I haven't had any new occurrences in Suspended queue since the fix was put in place. Still keeping an eye out, but it looks like it was fixed. Thanks!
Glad to hear it Martynas :)
Hi, I am trying to whitelist all noreply emails. Would this rule do anything? I am afraid to try because of the wildcard on it.
Hi there,
Is there a way to ONLY suspend a ticket IF the sender or sender domain is in the Block List?
Hi James,
Surrounding ticket suspension, unfortunately, there aren’t any “exceptions” that we can make for our filters so that only emails in the blacklist field are suspended. If there are legitimate emails being sent to your suspended tickets view, you'll want to take a look at the cause of suspension as mentioned in the article I've attached.
Let us know if you have any other questions.
Hello,
We have "Anybody can submit tickets" disabled because we are running a closed email-only support desk. The idea is to only make tickets for end users we have registered manually. We register the end users and they email us.
Is it possible to notify a requester that their email has been suspended?
We can only accept tickets from nominated individuals. However, we want to inform others who may send requests to our support email address that they can reach us through a nominated individual in their organisation, rather than give them no indication that they are unregistered and that their message was suspended.
Any advice?
@Colum I had a Zendesk setup like that a while back. What I would recommend is to add a tag to the nominated end-user profiles. Maybe something like "nominated" :)
Then you can set a trigger to respond with an auto-reply when a ticket is created and doesn't have the "nominated" tag which should be inherited from the end-user tag and onto every ticket created by a nominated individual.
You can set the Status to Closed in the auto-reply trigger and maybe add a tag like "auto-closed" so that you can setup a view to monitor those tickets. And include message body saying something like "Ask your org's nominated member" and put something very clear in the subject line of the auto reply that says something like "NOT AUTHORIZED -- Please Read" (or something a bit softer if you prefer).
I have added "rejected:spam.com" [spam=the domain name] in the blacklist field and click save, but I'm still receiving emails from them.
Any advice?
Add another vote for white/ blacklisting with multiple Brands
@PenN I'm having the same issue. I recently rejected a new domain and am still receiving emails from them in our queues. I already submitted a ticket to inquire about it, I'd recommend you do the same.
Please sign in to leave a comment.