How to disable outbound email (restrict to organization domain only)

Lord Omicron
Giga Expert

Doing some work in our dev instance. Would like to enable email but we don't want emails to go to destinations other than the company's domain. The mail options allow you to route all emails to one address which works but is not ideal because that user has to continually forward emails to the intended internal recipient. My guess right now is that we'd have to contact HI Support to do so? I'm hoping there's a way to do this without contacting support. Thanks.

1 ACCEPTED SOLUTION

Venkatesh A K1
Mega Expert

After Paris Release "System Address Filter" has been introduced which will help in making the domains whitelist OR block based on outbound OR inbound .

Steps as follows ::

1. Create a Email address filter ( System mailbox --> Email address filters)
2. you can mention the domains which can be allow OR deny .

Then 

3. Create a system address filter ( System mailbox --> system address filter )

4. Select Type Inbound OR Outbound 

5. add the Email address filter which you have created in above steps and submit.

Both types of filtering can be enabled which you have configured via email address:

  • Allow (or whitelist) 
  • Deny (or blacklist) 

SN Doc is FYI :: 

https://docs.servicenow.com/bundle/paris-platform administration/page/administer/notification/concept/system-address-filters.html

Mark as helpful/correct if it is correct.

View solution in original post

7 REPLIES 7

Manish Vinayak1
Tera Guru

Hello,

You could set-up a business rule on the sys_email table in your dev instance. To verify recipients and filter them / block the email based on their domain.

Here is an article mentioning how to do that:

https://community.servicenow.com/community?id=community_article&sys_id=83a7a5acdb60ebc09d612926ca961...

 

But I would recommend still having the test email address in the email property while trying the solution. If everything works and you can see emails getting filtered in the email logs table, you can then think of removing the "test" email address from the email properties page.

 

Hope this helps!

Cheers,

Manish

Manish, this seems like a good option. I'll mark correct if it's successful. Thanks!

DirkRedeker
Mega Sage

Hi

For your scenario of testing, I recommend to use one of the following configuration :

- stay with the global setting, to send all mail to one address, but use a distribution email address for destination recipient.

OR

Lock down all users in your test instance, except for the testers, who definitely know, they may receive test mails. Then, clear out all email addresses from the locked users, or give them a default test user email address.

Cross check the active users email addresses to be internal.

OR

Send all email to a central mailbox, where all testers have access to. That way, nobody gets his emails mixed up between test and live mails. 

Let me know if that answered your question and mark my answer as correct and helpful, please. 

BR 

Dirk 

Thanks for your suggestions. These workarounds require more maintenance than should be necessary to solve this. I appreciate the suggestions though.