We're trying to get automatic ticket generation from emails which are sourced from a listserver and other email addresses without account verification. I've adjusted all the settings that I could find which I thought would allow this, but emails are held as pending with 'account verification required'.
I understand that there are risks if there wasn't any verification process, but is it possible to eliminate the requirement for a limited window with some risk mitigation measures such as whitelisting the email domains?
If the sender addresses are unpredictable, enabling "Customers can access and send requests from the portal without logging in" (the anonymous/open access checkbox) will prevent the verification hold — but it does open the project to anyone who has the email address, so weigh that against your security posture.
A community-reported workaround that doesn't require opening things up: set "Any domain" access to None in your approved domain settings (remove any catch-all domain grants). This can stop the verification trigger for external senders in certain configurations, particularly when SSO is also in play.
One thing that's not currently possible natively: time-windowed exemptions or per-project overrides of the verification requirement. That's been a longstanding feature request (JSDCLOUD-12645 if you want to watch/vote). The options above are the only levers available today.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.