Preventing Untrusted Users from Triggering Inbound Actions

wdookie · ‎09-13-2016

I am looking to prevent untrusted user from triggering inbound actions to create tickets. I have followed:

but still no luck.

Properties have been set appropriately:

Trusted domains when creating new users from incoming email (Ignore email from untrusted domains unless from an existing user; use * for all domains) set to mycompany.com

System Property set to false:

Guest User disabled and locked out:

But once a send an inbound email from a non-trusted domain account, sure enough I see the Incident created, with the Caller set as Guest!

On Helsinki right now, is there anything that I am misssing????

wdookie · ‎09-26-2016

Well folks,

Thanks for all the help on this. To close the loop on this topic, after speaking with support, this is a known issue within Helsinki. It will be resolved in the next release, Istanbul.

Thanks again for the assistance and troubleshoot, I appreciate your time!

Wayne

View solution in original post

wdookie · ‎09-13-2016

Hi Jose,

It is a reference to the "Guest" user:

jose_valle · ‎09-14-2016

HI Wayne,

This may be a silly question, but is that reference to the same locked out guest user? You don't by chance have two users with the display name?

wdookie · ‎09-14-2016

Hi Jose,

I have only the one guest user account. thanks for asking and getting me to check!

Wayne

Michael Fry1 · ‎09-13-2016

Is there an email address in the Guest record: ServiceNow KB: Emails from untrusted domains are delivered when there is no Guest user and there is ...

wdookie · ‎09-14-2016

Hi Michael,

I have it set to guest@example.com

Not sure why it's not working! bizarre.