I’ve set up a private category for the board of directors of a non-profit. For historical reasons and due to some users who categorically refuse to do anything except via email, the category accepts email at the firstname.lastname@example.org address. That’s fine, and it replicates the behavior of the Mailman mailing list that Discourse is replacing.
However, with that Mailman list, we had the capability to whitelist certain addresses that weren’t on the list but were allowed to post. In essence, it provided a way for certain members of the club (like past board members) to send email to the entire board without opening the group up to spam from non-whitelisted members.
I’ve enabled the “Accept emails from anonymous users with no accounts” setting, and it’s working as advertised. Unfortunately, that means that in the first two days, we’ve gotten three spam messages and one legitimate one.
Is there any way to set permissions such that only certain users or email addresses can be whitelisted to post to this private category without being in the associated group that can see/reply/create?
As a related question, all legitimate email send to board@ will eventually come from people who have accounts; this is a new system so almost no one has an account currently. Once they do have accounts, will they still be able to send email to board@ and have it get through, even though they don’t have permission to post normally?
In essence, what it seems I’m asking about is a way to set “everyone” to have “create” permission without having “see” or “reply.”