diff --git a/gmail-poll.js b/gmail-poll.js
index 5ca2136..fd8dbd7 100644
--- a/gmail-poll.js
+++ b/gmail-poll.js
@@ -7,8 +7,8 @@
 */
 const {
 ChannelType,
-
- EmbedBuilder
+ EmbedBuilder,
+ PermissionFlagsBits
 } = require('discord.js');
 const { mongoose, withRetry } = require('./db-connection');
 const { CONFIG } = require('./config');
@@ -150,7 +150,22 @@ async function findOrCreateTicketChannel(guild, parsed, number) {
 const channel = await guild.channels.create({
 name: chanName,
 type: ChannelType.GuildText,
- parent: parentCategoryId
+ parent: parentCategoryId,
+ // Email tickets have no Discord creator — the customer is reachable
+ // only by email. So the only per-channel allow is the staff role; we
+ // still explicitly deny @everyone in case the category permissions
+ // are ever misconfigured to grant View Channel server-wide.
+ permissionOverwrites: [
+ { id: guild.id, deny: [PermissionFlagsBits.ViewChannel] },
+ ...(CONFIG.ROLE_ID_TO_PING ? [{
+ id: CONFIG.ROLE_ID_TO_PING,
+ allow: [
+ PermissionFlagsBits.ViewChannel,
+ PermissionFlagsBits.SendMessages,
+ PermissionFlagsBits.ReadMessageHistory
+ ]
+ }] : [])
+ ]
 });
 return { channel, parentCategoryId };
 } catch (createErr) {
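Review bot: The new `permissionOverwrites` array denies `ViewChannel` to @everyone but adds no allow for the bot's own member, so unless the bot is an Administrator or holds the `CONFIG.ROLE_ID_TO_PING` role it may be unable to see or post in the ticket channel it has just created. Consider adding an entry such as `{ id: guild.members.me.id, allow: [PermissionFlagsBits.ViewChannel, PermissionFlagsBits.SendMessages, PermissionFlagsBits.ReadMessageHistory] }`. When `CONFIG.ROLE_ID_TO_PING` is unset the spread contributes nothing and the channel is left visible to administrators only, which fails closed but silently, so a logged warning on that path would make the misconfiguration noticeable. Access is also keyed on a setting whose name suggests a mention target rather than an authorization boundary, and passing explicit overwrites presumably means the channel no longer inherits any other staff overwrites set on the category, so a comment or a dedicated staff-role setting would make the intent explicit. The body of `findOrCreateTicketChannel` starts and continues outside this hunk, so handling elsewhere in the function is not visible here.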