Security settings for e-mail listeners

As you can create, update, query, and change the status of tickets, you can configure security settings for e-mail listeners. Using these settings, you can ensure that only authorized users can execute these functions using e-mail messages.

For the sender of an e-mail message, security authorizations are checked against the security configuration for the system. This check establishes the ability of the sender to run each specific function.

The person record is a basic requirement to be able to process e-mail messages. Additional processing of e-mail messages only occurs after the person record associated with the e-mail address of the sender has been located.

The following points apply to security settings for e-mail listeners:

• If a person record is active, the corresponding user record is found.
• If a person record does not exist or is inactive, the e-mail message is not processed. An error e-mail message is sent to the sender and the administrator.
• If a user record is found, the associated authorizations are applied when the E-mail Listeners application performs security checks on incoming e-mail messages.
• If a user record is not found, the Run As user of the cron task instance for the e-mail listener is used.

To specify security settings for e-mail listeners, you can use the Select Security Settings action in the E-mail Listeners application. The settings identify business objects supported by each e-mail listeners workflow process. The settings also identify the corresponding applications that must be used to determine security restrictions on incoming e-mail messages. To assign the appropriate authorizations to the users who send formatted e-mail messages, configure security settings you can use the Security Groups application.