Block a fraudulent email or domain

When you spot abuse — repeated phishing, scam vendor invoices, harassment via inbound email — block the sender at the org level so the platform stops accepting their interactions.

What a fraud block prevents:
• New signups using that email (they bounce with a neutral message)
• Existing sessions: if a session matches a platform-wide block, it's signed out at the next page load
• Outbound campaigns / transactional sends are silently dropped to that recipient
• Inbound mail (Inbound Parse + Gmail watcher) is dropped at the door

Two ways to block:
1. Exact email — "[email protected]" — denies just that one address.
2. Domain wildcard — "*@spammer.io" or just "spammer.io" — denies everyone at that domain. Use sparingly; never use this on a public mail provider like gmail.com.

How to add a block:
1. Open Settings → Fraud Blocks (visible to org owners + admins).
2. Click "+ Add block", paste the email or domain, and write a short reason.
3. Save. The block takes effect immediately for your org.

How to remove a block:
Click "Remove" on the row. Future signups, sends, and inbound mail from that pattern resume.

Referring a block to Turtini for platform-wide enforcement:
If a bad actor is hitting multiple orgs and you want them blocked across all of Turtini, click "Refer to Turtini". You'll see exactly what we forward to the reviewer — a frozen, read-only evidence packet built from your org's data (contacts, sent / received mail, signup attempts, payment events, SIEM hits, prior moderation history). You cannot edit the packet — it's a snapshot of facts, designed so org admins can't paint a false picture.

Reviewer outcomes:
• Approved — added to the platform-wide list. Enforcement immediate.
• Needs info — the reviewer asks a clarifying question on the thread; you can reply.
• Rejected — closed. Your local block is unaffected; that stays your call.

Public mail providers (gmail.com, outlook.com, icloud.com, etc.) are auto-rejected at the domain-wildcard level — one bad actor on gmail.com is never enough to block every legitimate user. Block the specific email instead.