The Suspended Tickets view displays messages describing the cause of suspension for each suspended email.

The following table lists the possible descriptions in the view and what each one means.
Tip: You can export the suspended ticket list to obtain the suspension Cause ID for each ticket. Then, cross-reference the cause ID with the Cause of suspension reference.

Related articles:

  • Understanding and managing suspended tickets and spam
  • Guidelines for reviewing suspended tickets
  • Setting up suspended ticket notifications
Cause of suspension Description Solution
Automatic email processing failed Although rare, you might see this if a system-wide email processing error occurred. Contact Zendesk Customer Support for further assistance with this cause of suspension, or refer to this article for help.
Automated response mail This is used when the email header indicates that the message is an auto-generated email of any kind. We do not support the un-suspended flow of automated emails into Zendesk, including from custom built ticket forms. The API and Channels Framework are the only channels that support programmatic creation and updating of tickets. The following headers can lead to this Cause of Suspension:
  • X-Twitteremailtype
  • X-Mailing-Software
  • Precedence
  • Auto-Submitted
  • Autoresponder
  • X-Autoreply
  • X-Autorespond
  • X-Autoresponder
  • X-Auto-Response-Suppress
  • X-Tender
  • RT-Ticket
  • Kayako|MailChimp|Benchmail Agent|Clang|Autoresponder
  • cmWinServer
  • X-EviteMessageID
  • Delivered-To
  • X-NetSuite
Automated response mail, out of office Out of office and vacation auto-generated response emails are suspended. Out-of-Office replies represent a threat to automated email systems. These are often suppressed by the sending domain, but should always be suspended if they do arrive at Zendesk.
CCs/followers limit reached A ticket can have no more than 48 email addresses included as CCs. Delete unnecessary email addresses from the CC line.
Detected as email loop If you receive a large number of emails from a single sender in a short period of time, those emails are suspended and the sender's address is blocklisted for one hour. This also happens to tickets that are sent from an address equal to your default Reply To address. Zendesk does not support the bulk creation of tickets via emails to Zendesk from the same sender. The API and Channels Framework are the only channels that support bulk creation of tickets.
Detected as spam This email was flagged as spam by Zendesk's email detection filters. This email may also be flagged as spam because it was sent from a suspended user. Some messages, if flagged with very high confidence of spam, are rejected entirely and will not appear in the Suspended tickets view. Check if the user is suspended, and unsuspend if necessary. You can recover the suspended ticket, which can help improve the sender's reputation going forward. See the support tip What does "Detected as spam" mean? for more information.
Detected email as being from a system user Email generated by a mail server (for example, messages sent from addresses beginning with mail-daemon@ and postmaster@) are suspended because it is assumed that they are not intended to be support requests. Mail from these addresses will need to be sent from or redirected through non-system addresses.
Email authentication failed The email is spoofed. The email appears to have originated from someone or somewhere other than the actual source. This can also occur when the sender of the email is an agent and the sender or forwarding domain fails DMARC. The sender of this email must be permitted to send mail from your domain. Consider configuring SPF and DKIM for this sending source, or disabling Sender Authentication in email channel settings. Contact Zendesk Customer Support for further assistance.
Email for "noreply" address The email address is a "no reply" email address, meaning that it is not intended to receive email. Most no-reply addresses are not intended to be responded to, and emails to these accounts are frequently not checked. You may want to verify that your responses to these addresses are reaching your customers.
End user only allowed to update their own tickets This indicates that an email response for the purpose of updating a ticket was received from an address or user that is different from the original submitter's email address. This might happen if the submitter forwarded the email to a different email account or user and then an attempt to reply back to your Zendesk was made. Multiple email addresses per user are supported but they must be added to the user's profile. You can add the user as a CC to the ticket, otherwise their update will create a flagged comment. See Configuring CC permissions and notifications for more information.
Email is too large The email sent by the end user exceeds the maximum size limit and was rejected by the server. The user can try resending the email at a smaller size. This limit is for the email body itself and is separate from the attachment size limits.
Failed email authentication The email did not pass Zendesk's DMARC authentication. Disable DMARC authentication. See Authenticating incoming email using DMARC.
Malicious pattern detected Some part of this ticket's message matched a pattern that is frequently associated with spam messages, or messages intended to steal information from recipients. If you see important messages suspended for this reason, contact Zendesk Customer Support.
Malware detected This indicates that possible malware or a malicious URL was detected. The user can scan the attachment or links for malicious intent before resending. Alternatively, resend the email without the attachment or suspect URL.
Permission denied due to unauthenticated email update This indicates that the email header doesn't contain the email token identifying the ticket. This can happen if an email client strips out email header information. Verify that no headers are being removed by the forwarding mail server and that the body is intact. Contact Zendesk Customer Support if you're still seeing issues.
Permission denied for unknown email submitter When you require your users to register and create an account, email received from unregistered (unknown) users is suspended. If you have a known customer base, we would suggest importing your customer base prior to them submitting tickets. See Bulk importing users.
Received from support address The email was sent by (not forwarded from) one of your support addresses. For information about support addresses, see Adding support addresses for users to submit support requests. The email was received from one of your listed support addresses and is causing a mail loop. You will need to change the from: and reply-to: addresses on the email show the actual requester's email address.
Sender or domain is on the blocklist The ticket came from an address or domain that you've blocked. See Using the allowlist and blocklist to control access to Zendesk Support. If you need to accept these tickets, you can remove the address or domain from the blocklist (see Using the allowlist and blocklist to control access to Zendesk Support).
Sender domain not on allowlist When your account is configured to only allow emails from a given set of domains (using the allowlist), this indicates that the sender's email address or domain is not within that set. You will need to allow the email domain or address (see Using the allowlist and blocklist to control access to Zendesk Support).
Submitted by unverified user This indicates that the user is known, but has not yet verified their email address. The end user must verify their email address with the verification email sent to them. An agent or admin can also manually verify the email on the user's profile or re-send the verification email (see Verifying a user's email).
Submitted by unverified account owner The account owner never clicked the link within the verification email to verify their account. Zendesk sends this email to the account owner when the account is created, or a new owner or owner email address is added to the account. The account owner can locate the email in their inbox and click the link to verify the address. Alternatively, you can resend the verification email.
User must sign up to submit email, user notified This is used when an account requires end users to register and therefore verify their email address before submitting tickets. Once their email address/user account is verified, they can submit tickets. The user will be prompted to register for access (see Permitting only users with approved email addresses to submit tickets). Once the user has registered, their Suspended ticket will turn into a Support ticket without any action from an Admin required.
User does not have authority to update this ticket This occurs when an end user attempts to reply to a ticket notification, but they are not a participant. This can also happen if someone removes the encoded ID when responding to the ticket.
Note: If an agent recovers a ticket suspended for this reason, the end user attempting the reply will be added to the ticket's CC list. Anything recovered from this will thread into the given ticket and add the user as a CC. For more information, see Guidelines for reviewing suspended tickets.
 
Powered by Zendesk