Infos:
- Used Zammad version: 6.3.1
- Used Zammad installation type: Docker compose
- Operating system: Rocky linux 9
- Browser + version:
Expected behavior:
- No user should be added without permission
Actual behavior:
- User stockstory was added to my zammad without permission and was creating tickets
Is this a feature of zammad?
It is impossible to answer your question(s) with the level of detail you’ve provided.
So I’ll just throw my stone through this dark cave here, let’s see if I hit anything.
- Zammad will create new customers users based on incoming email, if the email address that was used is not known yet. This is mandatory so that the ticket can exist.
- Zammad by default allows anonymous users to register to the instance via the login interface. This can be disabled at any time.
See: Base — Zammad Admin Documentation documentation