The Suspended Tickets view displays messages describing the cause of suspension for each suspended email. The following table lists the possible descriptions in the view and what each one means.
| Cause of suspension | Description | Solution |
|---|---|---|
| Automatic email processing failed | Although rare, you might see this if a system-wide email processing error occurred. | Contact Zendesk Customer Support for further assistance with this cause of suspension, or refer to this article for help. |
| Automated response mail | This is used when the email header indicates that the message is an auto-generated email of any kind. | Zendesk does not support the un-suspended flow of automated emails into
Zendesk, including from custom built ticket forms. The API and
Channels Framework are the only channels that support programmatic creation and
updating of tickets. The following headers can lead to this cause of suspension:
|
| Automated response mail, out of office | Out of office and vacation auto-generated response emails are suspended. | Out-of-Office replies represent a threat to automated email systems. These are often suppressed by the sending domain, but should always be suspended if they do arrive at Zendesk. |
| CCs/followers limit reached | A ticket can have no more than 48 email addresses included as CCs. | Delete unnecessary email addresses from the CC line. |
| Detected as email loop | If you receive a large number of emails from a single sender in a short period of time, those emails are suspended and the sender's address is blocklisted for one hour. This also happens to tickets that are sent from an address equal to your default Reply To address. | Zendesk does not support the bulk creation of tickets via emails to Zendesk from the same sender. The API and Channels Framework are the only channels that support bulk creation of tickets. |
| Detected as spam | This email was flagged as spam by the Zendesk email detection filters. This email may also be flagged as spam because it was sent from a suspended user. Some messages, if flagged with very high confidence of spam, are rejected entirely and will not appear in the Suspended tickets view. | Check if the user is suspended, and unsuspend if necessary. You can recover the suspended ticket, which can help improve the sender's reputation going forward. |
| Detected email as being from a system user | Email generated by a mail server (for example, messages sent from addresses beginning with mail-daemon@ and postmaster@) are suspended because it is assumed that they are not intended to be support requests. | Mail from these addresses will need to be sent from or redirected through non-system addresses. |
| Email authentication failed | The email is spoofed. The email appears to have originated from someone or somewhere other than the actual source. This can also occur when the sender of the email is an agent and the sender or forwarding domain fails DMARC. | The sender of this email must be permitted to send mail from your domain. Consider configuring SPF and DKIM for this sending source, or disabling Sender Authentication in email channel settings. Contact Zendesk Customer Support for further assistance. |
| Email for "noreply" address | The email address is a "no reply" email address, meaning that it is not intended to receive email. | Most no-reply addresses are not intended to be responded to, and emails to these accounts are frequently not checked. You may want to verify that your responses to these addresses are reaching your customers. |
| End user only allowed to update their own tickets | This indicates that an email response for the purpose of updating a ticket was received from an address or user that is different from the original submitter's email address. This might happen if the submitter forwarded the email to a different email account or user and then an attempt to reply back to your Zendesk was made. Multiple email addresses per user are supported but they must be added to the user's profile. | You can add the user as a CC to the ticket, otherwise their update will create a flagged comment. |
| Email is too large | The email sent by the end user exceeds the maximum size limit and was rejected by the server. | The user can try resending the email at a smaller size. This limit is for the email body itself and is separate from the attachment size limits. |
| Failed email authentication | The email did not pass DMARC authentication. | Disable DMARC authentication. See Authenticating incoming email using DMARC. |
| Malicious pattern detected | Some part of this ticket's message matched a pattern that is frequently associated with spam messages, or messages intended to steal information from recipients. | If you see important messages suspended for this reason, contact Zendesk Customer Support. |
| Malware detected | This indicates that possible malware or a malicious URL was detected. | The user can scan the attachment or links for malicious intent before resending. Alternatively, resend the email without the attachment or suspect URL. |
| Permission denied due to unauthenticated email update | This indicates that the email header doesn't contain the email token identifying the ticket. This can happen if an email client strips out email header information. | Verify that no headers are being removed by the forwarding mail server and that the body is intact. Contact Zendesk Customer Support if you're still seeing issues. |
| Permission denied for unknown email submitter | When you require your users to register and create an account, email received from unregistered (unknown) users is suspended. | If you have a known customer base, consider importing your customer base prior to them submitting tickets. See Bulk importing users. |
| Received from support address | The email was sent by (not forwarded from) one of your support addresses. | The email was received from one of your listed support addresses and is causing a mail loop. You will need to change the from: and reply-to: addresses in your email client to show the actual requester's email address. |
| Sender or domain is on the blocklist | The ticket came from an address or domain that you've blocked. | If you need to accept these tickets, you can remove the address or domain from the blocklist (see Using the allowlist and blocklist to control access to Zendesk Support). |
| Sender domain not on allowlist | When your account is configured to allow emails from only a given set of domains (using the allowlist), this indicates that the sender's email address or domain is not within that set. | You need to allow the email domain or address (see Using the allowlist and blocklist to control access to Zendesk Support). |
| Submitted by unverified user | This indicates that the user is known, but has not yet verified their email address. | The end user must verify their email address with the verification email sent to them. An agent or admin can also manually verify the email on the user's profile or resend the verification email. |
| Submitted by unverified account owner | The account owner never clicked the link within the verification email to verify their account. Zendesk sends this email to the account owner when the account is created or when a new owner or owner email address is added to the account. | The account owner can locate the email in their inbox and click the link to verify the address. Alternatively, you can resend the verification email. |
| User must sign up to submit email, user notified | This is used when an account requires end users to register and therefore verify their email address before submitting tickets (see Permitting only users with approved email addresses to submit tickets). Once their email address/user account is verified, they can submit tickets. | The user is prompted to register for access. Once the user registers, their suspended ticket turns into a normal ticket without any action from an admin required. |