You can add an additional layer of security on your inbound emails by enabling sender authentication with DMARC. This can decrease the number of spoofed emails and spam you receive. However, it can also lead to a greater number of "false positives" - that is, valid customer emails that end up in your Suspended tickets view.
This article includes the following topics:
Related articles:
Enabling sender authentication with DMARC
The task of enabling DMARC authentication is handled through the Email channels page.
To enable sender authentication
- In Zendesk Support, click the Admin icon (
) in the sidebar, then select Channels > Email. - Scroll down to the section Sender authentication with DMARC:
- Select Enable, then click Save at the bottom of the page.
Most emails that do not pass DMARC authentication are suspended. You can view them in your Suspended tickets view. Tickets suspended for failing to pass DMARC authentication have Failed email authentication as the cause of suspension.
To disable sender authentication, simply deselect Enable, and click Save again.
Checking for false positives
After you enable sender authentication with DMARC, it's important to regularly monitor your Suspended tickets view for "false positives" - emails that are marked as spam, when they are valid emails from customers.
To check your Suspended tickets view
- In Zendesk Support, click the Views (
) icon in the sidebar and then click the Suspended tickets view.
If you find that many valid emails are being suspended, we recommend you disable the DMARC authentication and contact our Customer Service team.
Comments
2 comments
It should be noted that if you workflow includes auto-forwarding email in to a Zendesk, the DKIM signatures may not be correct.
Before enabling this feature, you might look at the "original message" in a few recent tickets, and ensure that emails forwarded to your zendesk do not have "dkim=fail" in the list. If they do, you'll want to reconsider how you get messages in to Zendesk before enabling this feature.
Hi Allen, a DKIM failure on a forwarded email alone should not cause any change in behavior on our end. If that failure also included an SPF failure then there might be a flagged comment or a suspension, depending on wether it was a soft or hard-fail.
Please sign in to leave a comment.