Question
Some of my tickets are getting suspended. What causes the Detected as spam suspension reason?
Answer
There are a variety of reasons a ticket could be detected as spam and placed within the suspended queue.
This article contains the following sections:
Types of spam
There are two different types of "Detected as Spam" suspended tickets:
- Tickets in which the requester was suspended. Suspensions can happen when an agent uses the Mark as spam option on a ticket without realizing that it also suspends the ticket requester. All future tickets from that sender are suspended as spam. To solve this, un-suspend the user.
- The spam filter set for the customer account, either Cloudmark or the Rspamd EAP, finds characteristics of the content suspicious. Some of these suspicious characteristics are listed under the Reasons for suspension tab in this article: Causes for ticket suspension.
How spam is detected
Zendesk Support uses a spam filter service, known as Cloudmark. To keep their processes safe and secure, Zendesk is not given any direct insight into Cloudmark’s algorithms. However, Zendesk is given information in the form of encoded “fingerprints” which can be used to examine the nature of the suspension.
Depending on your permissions, agents and admins can recover an email from the suspended queue. Recovery within Zendesk sends a coded message back to Cloudmark, letting them know that you believe the email is legitimate. Depending on the cause for the spam rating, this can resolve the issue for you over time, often just after a few recoveries. This allows for better results through dynamic analysis.
Gmail has more permissive spam detection than Cloudmark. It identifies spam based on your usage patterns and other factors to which Cloudmark doesn't have access. Therefore, Cloudmark may occasionally identify an email as spam even when Gmail doesn't.
Reasons for suspension
Find below some common causes for email suspensions.
- A handful of customers marked your outbound emails as spam. Using distribution groups or lists can lead end-users to mark emails as spam. Zendesk recommends the use of a dedicated support address that auto-forwards emails to your account.
- Domain temporarily blocked. Possibly due to a proactive outbound marketing campaign.
- The forwarding IP of your email is part of a shared-hosting setup such as GoDaddy, and this rating has nothing at all to do with you.
- The email address of the sender is recognized as a producer of spam. Sometimes, a local physical mailing address can be listed as engaging in questionable business practices or sales.
- The email was generated by an online form, such as PHP, which is associated with spam-like practices.
- Newsletters without a double opt-in option or mailing lists that include users who unsubscribed from your publication. An opt-in feature sends a confirmation email ensuring that the users want to receive your weekly or monthly mailouts.
- Email attachments include suffixes many filters will act upon, such as
.exe
,.avi
,.swf
, or.zip
. - Signature file links directly only to sales sites.
- Poorly formatted HTML. Sometimes this is caused by converting a Microsoft Word file to HTML.
- Emails with excessive use of bright colors, fonts, sizes, images, or links to social media sites.
- Emails that contain unapproved words such as "free", "sex", "viagra", "timeshare", "buy now", "urgent matter", "medical breakthrough", "money-back guarantee", "!!!!!!", and many others. In some cases, the excessive use of the word "opportunity" can cause a rise in the spam rate.
- A sending or relay server that isn't configured for a reverse DNS lookup.
- Bulk emails are sent using the BCC field.
- A website that doesn't let users update their profile details. This can result in email bounce-backs.
- Your autoresponder doesn't require confirmation, which allows people to fill your lists with false addresses.
For more information, see the article: Understanding and managing suspended tickets and spam.