Question
How can I combat spam submitted via web service?
Answer
The primary goal of spammers is to use your triggers to pass spam content to other users through placeholders. Zendesk automatically suppresses certain placeholders when certain criteria are met. For more information, see the article: Understanding placeholder suppression rules.
However, if you have customized triggers, you may still have placeholders that pass content of the ticket to the end user upon ticket creation, for example, {{ticket.title}}.
Instructions
Step 1: Remove placeholders that spammers target
Update your account's version of the Notify requester and CCs of received request trigger.
- If the trigger in your account that notifies requesters and CCs of received request doesn't have it yet, add the condition Current user | Is | (end user)
- Under Actions, refer to the Email subject and Email body fields. Remove any reference to the placeholder
{{ticket.title}}or any other placeholder that renders content.
Removing this placeholder renders your trigger useless to spammers since it will no longer share their spam content with recipients. This step doesn't immediately stop the flow of spam tickets but prevents spammers from reaching your customers, and you should eventually stop seeing spam come in.
Step 2: Make sure you have a trigger for agent-created tickets
If your agents create tickets on behalf of end users, for example, sending out proactive emails, you need a trigger that notifies users of the content of those tickets but doesn't allow spammers to do the same.
Newly created Support accounts already have the default Notify requester of new proactive ticket trigger enabled in their accounts. However, older accounts may need to create one from scratch.
Temporarily blocking email domains using the blocklist
While the above recommendations will protect your account from further spam, it will not immediately stop ticket creation. If you want to block ticket creation regardless of channel, use the blocklist feature with the blocklist modifier suspend: or reject: prepended to the domain.
blocklist: reject:randomspammer@gmail.com suspend:qq.com
For more information on spam prevention on other channels, see the article: Spam prevention resources.
5 Comments
Can you reject/suspend emails with a wildcard in the blocklist? We can't block specific emails since he changes the email after every ticket he submits. I have reported him to google, but who knows what good that would do. He always uses the same name then adds a + and then some random characters. So stopping him is a challenge. We suspend them as they come in but really that is futile since he never reuses them.
reject:NAME*@gmail.com or something like that?
We have a very persistent person who is using a bot for sure to spam us for help. We have found no way to stop this from happening. I do not see what channel the tickets are using, but it does not appear to be email. Just looking for anyone that may have had to deal with something similar.
We have a ticket with zendesk, but turning off account creation is not an option at this time.
We no longer use the ticket.title placeholder and are currently getting hit with gmail accounts.... I can't block gmail... they used to have 'xxxxxxxxxxxxx' or something incoherent that could be identified quickly and dealt with, but these simply have one word, so I'm not sure what they're gaining, especially since our subject line is static in our ticket notifications.
With a fully open instance of Zendesk where we reply to our customers via e-mail, how would you update a trigger that notifies them of our reply via e-mail to combat spam? The subject surely has to be "Re: {{ticket.title}}" to re-use what the customer set as a subject in his initial e-mail.
If you are experiencing spam issues, we ask that you please open a ticket with our Support team so we can investigate specifics with your account.
Please sign in to leave a comment.