As described in Setting your allowlist and blocklist to control email support requests, Zendesk administrators can use the allowlist and blocklist to accept, suspend, or reject emails.
This article covers the following topics:
About the blocklist and allowlist
Zendesk reads email headers of incoming support requests to determine whether an email should become a ticket based on the rules you’ve configured in your allowlist and blocklist.
If an incoming support request originates from an email address or domain on the blocklist, it becomes a suspended ticket with the suspension cause: Email is from a blocklisted sender or domain.
You can also create rules to completely block users so there’s no record of the ticket in your Zendesk account.
Use the allowlist to accept emails from specific domains or email addresses. For example, you can use the allowlist with your blocklist to allow all emails from the gmail.com domain but block specific email addresses within that domain.
Your allowlist overrides your blocklist. For example, if you add a specific domain to the blocklist but allow a user with that email domain, they will be given access.
Allowlist and blocklist usage examples
You can use a combination of the blocklist and allowlist rules to ensure you are permitting access or blocking the correct users. This section contains some usage examples you can replicate for your own Zendesk account.
Approve a domain, suspend all other users
You can allow specific domains access to your Zendesk account by adding the domain to the allowlist and suspend all users with a different email domain by adding a wildcard (*) to the blocklist. In the following example, only email from the domain mondocampcorp.com will be permitted access.
allowlist: mondocamcorp.com blocklist: *
Enter multiple domains separated by a space to allow more than one domain access. In the following example, email from the domains mondocamcorp, comdocam, and mondostore are permitted, and all other users will be suspended.
allowlist: mondocamcorp.com mondocam.com mondostore.com blocklist: *
Approve a domain, but suspend specific email addresses with the domain
Using the suspend
keyword, you can prevent a specific
email address with an allowed domain from accessing your Zendesk account.
allowlist: gmail.com blocklist: * suspend:randomspammer@gmail.com
Approve a domain, but reject specific email addresses and domains within it
Similar to the previous example, you can block specific email addresses from
using an allowed domain by entering their email address in the blocklist. Use
the reject
keyword to prevent a user's tickets from
being added to your Zendesk account.
In the following example, only email from gmail.com is accepted. All tickets from other email domains are sent to the suspended tickets queue except for the email address randomspammer@gmail.com. Email from randomspammer@gmail.com will be rejected completely, and the ticket will not be recorded in your Zendesk account.
allowlist: gmail.com blocklist: * reject:randomspammer@gmail.com
Approve all, but reject specific email addresses and domains
You can also allow all users to register except for specific email addresses and domains. To allow all users to register, leave the allowlist blank, then enter any blocked users.
In the following example, everyone can access your Zendesk account except for
randomspammer@gmail.com and users sending email from the megaspam.com and
spammerspace.com domains. Because the reject:
keyword is
used, all emails from those accounts are blocked completely, and the tickets
aren't recorded in your Zendesk account.
allowlist: blocklist: reject:randomspammer@gmail.com reject:megaspam.com reject:spammerspace.com
Suspend support request tickets from specific email addresses or domains
Adding an email address or domain to your blocklist suspends tickets from those users, but only if those tickets are submitted through the email channel.
allowlist: blocklist: suspend:randomspammer@gmail.com suspend:megaspam.com
When using the suspend
keyword to suspend all support
requests from a specific domain, all tickets from that domain are suspended,
even if individual email addresses with that domain are in the allowlist.
For email support requests only: To suspend all tickets from a domain but allow
specific users, add the domain to the blocklist (without the "@" symbol or the
suspend
keyword) and add the allowed email
addresses to the allowlist. This procedure does not work for channels outside of
email because only email respects the allowlist for support requests.
Limitations when using the allowlist and blocklist with other Zendesk channels
If you’d like to use the allowlist and blocklist for channels outside of email, for example, to customize who can create support requests and register on your help center, it works differently than it does for email.
Limitations for support requests submitted through other channels
- Only the email channel uses the allowlist for support requests. All other channels, such as the help center support request form, the Zendesk API, or Web Widget, ignore the allowlist for support requests. Therefore, email addresses or domains you add to the allowlist will only be respected for support requests you receive by email.
- You can use the blocklist to block specific email addresses or domains
from submitting support requests from other channels. To do this, you
must use the
suspend:
andreject:
keywords. - A wildcard (*) is ignored for all channels outside email for support requests. See the example: Approve all, but reject specific email addresses and domains.
Limitations for account registration through your help center
- If you’ve added a wildcard (*) to the blocklist, only users with domains in your allowlist can create accounts, but users with blocked domains can still submit support requests through the help center request form.
- When
suspend:domain.com
orreject:domain.com
are used in the blocklist, users with these domains can't submit support requests through the help center request form but can still create accounts with blocked domains.
Considerations
Consider the following when setting up your blocklist and allowlist:
- The allowlist doesn’t prevent tickets from being suspended. Tickets can be suspended for several reasons, as described in Causes for ticket suspension.
- The allowlist doesn't provide access for suspended users. Suspension takes priority over a user's email in the allowlist.
- If you set up user mapping:
- Email domains saved in the organization's Domains list are automatically allowed. You don't have to add these domains to the allowlist manually.
- If a user's domain or email address is in the blocklist, but their full email address is present in an organization's Domains field, the address is still allowed.
- If an email subject includes the text “Out of office” or the ticket originates from an email with a “do not reply” address, the ticket will be suspended, even if the email address is on the allowlist.
- Email addresses on the blocklist still receive notifications if the user is the requester or added as a CC on a ticket. To prevent notifications, suspend the user.
- If an email includes a blocked email address in the CC field that isn't associated with an existing user, then a new user record is not created. If a user profile exists for the email address, the blocklist has no effect.
- If you blocklist a user that is a CC on a ticket, they won’t be removed from existing tickets.
12 comments
Nancy Rickhoff
We're receiving a huge amount of spam from email addresses that look like this:
That is our own support email address with a bunch of numbers and letters in the middle. The combination of letters/numbers is different on every spam email. How do I block these spam emails with affecting the emails we really want to get?
Thanks!!
0
Gabriel Manlapig
Found this helpful article that talks about preventing spam attacks.
I was hit by a spam attack. What do I do now?
For emails, you can protect your domain from email abuse via SPF, DKIM, and DMARC records. There are also additional security layers in Zendesk that you can utilize to combat spam and protect your business.
Protecting your domain from email abuse, via SPF, DKIM and DMARC records
I hope that helps. Thank you!
0
Danielle DeCosta
There is an automated email that is blasting us from one of our clients. The domain is listed in their organization in ZD so it is automatically allowing them even why I try to block them. How do I block this 1 email from the organization? Because it is an automated email is it causing our automation to go off then theirs and back and forth in a never-ending loop causing hundreds of auto-replies. We have to get this blocked. Thank you!
0
David
Hi Danielle,
If you want to block a specific email address from an organization, you can use the suspend keyword. This should prevent the email address from accessing your Zendesk account.
Here’s an example of how to use the suspend keyword:
This should block all emails from the domain
domain.com
except for the email addressexample@domain.com
.0
Douwe
A user is generating a lot of tickets from different (common) domains, but with similar words/names in the local part before the @domain.
Is there a possibility to reject or suspend tickets based on words contained in the local part? We are already suspending tickets based on subject text by using triggers, but email adress doesn't seem to be an option in ticket triggers. Thanks!
0
Tony
it is not possible to use email addresses in triggers. As an alternative you can use tags instead.
If you want to suspend the user not based on the email address but on the domain, you can do that. Here is an article that shows you how to do it!
Best,
0
Tony
Based on the information provided, it appears that the article states that * is utilized to restrict ticket submissions to individuals except those in the allow list. Therefore, it may not be applicable to your current situation.
Warm regards,
0
Judy Correia
Most of the blocklist examples above include *. Is it required to include * at the beginning of the blocklist or before each domain being blocked? i.e. does it have to be either A) blocklist: * reject:email1.com reject:email2.com or B) blocklist: *reject:email1.com *reject:email2.com. Or can we simple enter blocklist: reject:email1.com reject:email2.com, without any *
0
Mike DR
That would depend on how you want to block the domains. adding the * is like a wildcard that all email domains will be blocked.
0
Lucas Case
Mike DR how about subdomains? We want to allow the main domain, and block/reject a subdomain of the main domain? So allow: main.com and block: (reject:)sub.main.com
0
Jean-Guy Daigle
I've encountered an unexpected problem with an internal email—it's now being flagged as a suspended email, despite not having this issue before. If I add this email to the Allow list, would it prevent it from landing in the suspended folder? It's worth noting that this would be my initial entry in that field. Additionally, would this action affect the handling of all regular incoming requests?
0
Hiedi Kysther
Hi Jean-Guy Daigle
Allowlist may work depending on the Suspension Reason e.g. no-reply emails. However it is still not a guarantee that the email will not be suspended even if the email address is whitelisted.
Also, adding a certain email in your Allowlist will not affect other regular incoming requests. It only helps for our system to know the sender is whitelisted. But to reiterate, whitelisting may work depending on the Suspension reason.
I encourage you to reach out to our Support team so we can review those suspended tickets and guide you on how we can resolve it.
Hope this helps!
0