Understanding and managing suspended tickets and spam

Have more questions? Submit a request

48 Comments

  • Stephen Fusco

    Hey Alex, 

    Because the suspended tickets view is a system generated view it cannot be edited. However, the suspended view is only visible to agents with access to all tickets. So if you were to restrict your agent's access to only tickets in their groups then they would not have access to this view. 

    For Team and Professional, set Access to Tickets in agent's groups in the agent's profile. For Enterprise, select Agent can assign ticket to any group in the custom role for the agent.

    Even if they do have access though, you can restrict an agent's ability to delete tickets. Agents must have permission to delete tickets. On Essential, Team, or Professional, click the Admin , select Settings > Agents, then make sure Agents Can Delete Tickets is not selected. On Enterprise this would be done in custom roles.

    In response to your second question, there is an audit log available on Enterprise plans which will show you a log of actions taken in your account: Viewing the audit log

    0
  • Tim Shaw

    This article says:

    Emails are suspended if Zendesk Support detects they're not from real users. Examples:

    • Suspected spam
    • Automated response emails, including out of office or vacation auto-generated response emails

    Please could you give a complete list of what automated response emails will be excluded. I'd like to see if calendar invite responses are excluded.

     

    Thanks

    0
  • Sean Cusick

    Hi Tim, We do apologize, it is not possible to provide a complete list of emails that would become suspended. The expectation should be that any email arriving from an automated sending source will become suspended. With calendar invites it is possible for them to be sent from individual users or from the provider for the calendar service. The only way to find out with your example would be to test.  

    0
  • Gordon McWhorter

    Just got one in that says Malware Detected. Wow! Really? What's in it? Do you all want to take a look or shall I just delete it?

     

    Thanks!

    0
  • Sean Cusick

    Hi Gordon,

    It is entirely up to you what you wish to do with it. You can ignore it and will be deleted in 14 days, you can delete it now, or you can recover it (just be careful not to open any attachments without your local machine and local network being protected). 

    If you have any other questions for us feel free to open a ticket with us at support@zendesk.com

    0
  • Gordon McWhorter

    Fun. Okay. Thanks.

    0
  • Jessie Schutz

    Hey Gordon! 

    Just a heads-up that I removed the image from this comment for you...it had an un-redacted email address in it, and I didn't figure you'd want that out floating around. Feel free to edit your comment to add an updated version of the image with the email blocked out if you'd like!

    0
  • Gordon McWhorter

    Ha! You bet, Jessie. Thanks! 

    0
  • Pierre Clouthier

    Blacklist? Seriously? Do you think the spammers are considerate enough to send all their spam from the same domain?

    Every single spam that I am seeing in my Suspended Emails originates from a different, spoofed address, many from GMail.

    Isn't there a more sophisticated pattern that can be matched in the email headers?

    0
  • Brett - Community Manager

    Hi Pierre,

    Are these spam emails being sent to your Zendesk support address or are these being sent to an external email address which is then being sent to your Zendesk Support account?

    You may also want to take a look at our Spam prevention resources for some additional information.

    Hope this helps!

    0
  • Forrest Hoffman

    Something has changed. Over the last 3 weeks I have also been receiving many more SPAM tickets via the standard support e-mail that comes with Zendesk.  Is it possible that the changeover to the new AWS mailer has somehow exposed all of your customer domain ID? I usually get about 3 to 8 SPAM per day now.  My org is Open ticket to allow people to use their private e-mail address when they are locked out of SSO and for our external collaborators to get assistance. I cannot close the e-mail channel.

    Is there a way for us to just use your SPAM detector to block BEFORE it even creates a ticket?

     

    As a test I am de-selecting the option to Send via GMAIL servers in case that is where the exposure occurred.

    0
  • Sean Cusick

    Hi Forrest, It is unlikely that any upcoming outbound sending changes caused this, though I will check with our Dev team to see if that is a possibility. Spammers are tenacious and they will continue to attack whatever they believe to be viable targets. Native Zendesk support addresses are targeted because they have one less spam check to go through to become a ticket, where a forwarded email is subject to two spam checks, doubling the likelihood of suspension. It is also unlikely that the "Send email via Gmail" feature would have caused any exposure to a native Zendesk address, as that traffic is never routed through that feature. It just sometimes happens that spammers move from account to account trying to target them as a relay for spam. Spam is an unfortunate byproduct of any system that relies on the use of email.  

    0
  • Forrest Hoffman

    Thanks, what alarms me is the SPAM has never been a problem (more than 3 years) until about 3 weeks ago. Then it was like a floodgate opened and I am receiving more every week. I have not made any other changes to our advertising with regards to the support e-mail and it seems to correlate very closely to the AWS transition or my change to the use GMAIL sender.  I thought using the GMAIL sender might give more protection even though we are O365 based but I may have been mistaken.

    0
  • Tyler

    I'm seeing the exact same thing on my account. Approximately 3 weeks ago I started receiving much more spam and some are making it through the spam filters.

    0
  • Pierre Clouthier

    Use "Bulk delete" Zendesk plugin to facilitate getting rid of the trash.

    0
  • Forrest Hoffman

    Is it also possible that this recent announcement by Zendesk has somehow allowed SPAM to get into the e-mail channel without being the CC?  BTW, since the announcement linked above, I have not received ANY more SPAM or Suspended tickets.

    0
  • Brett - Community Manager

    Hey Forrest,

    The announcement you mentioned above was actually implemented March of 2018 so I don't think the two would be related. It looks like the article was archived but then made public again which would explain why you received the email notification. Glad to hear you're no longer receiving Spam in your account!

    Let me know if you do have additional questions for me.

    Cheers!

    0
  • Lila Kingsley

    The article above states "Emails submitted by end-users on the blacklist are suspended or rejected."  Can you please clarify what causes it to suspend vs reject??  I didn't see any explanation of this in the article--apologies if I missed it.  For us, if we go to the trouble of blacklisting an email address/domain, we wouldn't want it to go in the suspended tickets view because someone will still have to look at it.  If we blacklist we don't want to see it. 

    0

Please sign in to leave a comment.

Powered by Zendesk