- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-15-2019 05:07 AM
I have a problem with how to get email to our instance. I have our instance locked down for email so that only known email addresses and our domains can send us mail. Several of our groups need to be able to receive email from any number of customers, suppliers or perspective members of one of those groups.
We use Office 365 to manage our email. Right now the email comes to a shared mailbox where the relevant team needs to manage those messages. I can set up rules on the mailboxes that will forward the messages to our instance but they arrive showing the original sender and end up in Junk Mail.
I know that I can't be the first one to run into this issue. Can anyone share how they have overcome this limitation without opening up their instance to the world?
Thanks for any information you can provide.
John
:{)
Helpful and Correct tags are appreciated and help others to find information faster
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-18-2019 05:31 AM
I found a way to do exactly what I need. I'm going to assume that others might benefit from it so here's a summary of what I did.
The inbound email that I need to receive will be sent to a shared mailbox in our Office 365 environment. I set a flow option to forward anything coming into that mailbox to our SN instance.
On the ServiceNow side, I created a user who's email address is the same as the shared mailbox. I then created a new inbound action, type = New, that has an order of 50 so that all inbound email hits it first. The action starts by checking if the email is for Guest. If not, the mail moves on to higher order actions.
If the mail is identified for Guest, I do a lookup in sys_user for sys_user.email == email.to. I put everything into lower case to simplify things. If I find the email address I treat the email as legitimate and create an incident. Part of that includes determining an assignment group via table lookup. I also prepend EXTERNAL EMAIL FROM <sender> to the short description so that anyone looking at the incident knows that it is not from an internal source. Finally I add a note to the email log indicating that it was processed by this action. The Caller on incidents created from external emails shows as Guest. That lets me be a bit lazy because Guest doesn't get the incident created and other notifications that would go to legitimate users.
Before starting any testing, don't forget to re-activate the Guest user.
If I don't find a match on the email address lookup, I process the email into the Junk mailbox. One gotcha to be aware of is the BR Set Inbox. When accepting the email it is no problem. When attempting to put it in the junk pile it needs to be modified. I added some conditions that will be exclusive to the ones that I am putting there by including an error_string on the email which, among other things, the condition in the BR checks.
Very important, if the email is handled by the inbound action I created, the last thing the action does is stop further processing programmatically (event.state="stop_processing";). You cant just use the checkbox on the inbound action form because that would prevent non guest emails from being processed.
Clearly, allowing inbound email from unknown sources has the potential to introduce spam and worse into the process. The way we see that issue is this. Our O365 environment does a very good job of filtering out such messages. Add onto that the filtering that ServiceNow does before allowing the email in and we get a very high confidence level that such bad mail will not get into the instance. Anything from outside that is not directed to one of our shared mailboxes goes straight to the junk heap. Our internal groups that manage the shared mailboxes are used to filtering out any spam type emails so again lower risk.
I've run this solution past a few developers who are far more experienced on the platform than I am as well as our security team and so far I've passed muster with everyone.
I realize that this may not be the solution for everyone but I do hope that it can help a few people in the same situation. If you have specific questions, please contact me.
:{)
:{)
Helpful and Correct tags are appreciated and help others to find information faster
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-15-2019 05:19 AM
Unfortunately, i don't think there's an easy way around this one John. There's no way for ServiceNow to know which mail you want to receive and which you don't unless you tell it.
How many customers, suppliers etc do these groups need to potentially receive mail from? If these are entities you work with you should have contact lists right? You could always populate a table with all the email addresses that are authorised to raise tickets and filter out anything not in the list.
To be honest, it might be easier to just open up your instance to the world and maintain a block list to filter out unwanted emails!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-15-2019 05:26 AM
Thank you David. I was afraid that straight away, there is no way I can make this happen. I have an idea on a different way that I might be able to handle the situation. I need to do some testing. If it works out, I'll post the results.
:{)
Helpful and Correct tags are appreciated and help others to find information faster

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-15-2019 05:47 AM
Hi John,
The following link might be helpful.
Prevent untrusted users from triggering inbound actions
Regards,
Ajay
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-15-2019 05:51 AM
Thank you Ajay. I have those settings in our instance. That is what sends inbound emails from unknown users/domains to junk.
:{)
Helpful and Correct tags are appreciated and help others to find information faster