Email is complicated. Hundreds of billions of messages are sent every day. Zendesk alone receives and processes millions. Over time, email's mission has changed. It's not just for person-to-person communication, but it's also for mass mailing and machine communication. Complication introduces a number of threats, including mail loops, which Zendesk Support takes into account for email management.
This article contains the following sections:
What's a mail loop?
Automatic acknowledgment of messages is a common practice for software that receives email. The default trigger Notify requester and CCs of received request is one example. When a ticket is created in Zendesk Support, the user is notified by email. This kind of behavior, while common, can result in a problem when two machines email each other.
It's not a problem for machines to receive email from one another. For example, if one system receives an email from another, then sends an automatic reply, that's fine. But if that system also replies automatically, this can kick off a mail loop. In this scenario, each system will continue to reply automatically to the other every time a notification is received, creating a never-ending loop, until someone or something intervenes.
Loops can occur other ways, as well. Updates to tickets may come from the API, ticket sharing, an app, or web interface. These updates can cause emails sent by trigger notifications such as Notify requester and CCs of comment update. Sometimes those emails can cause another update, not by email, but by some other means.
How Zendesk prevents mail loops
There are several different things Zendesk does to prevent mail loops. It should be stated clearly that we can't prevent all mail loops all the time. They're a part of the ecosystem now, and we're doing what we can, but just like spam messages, they will occasionally happen.
Here are some of the measures in place to prevent mail loops:
Suppression of automated notifications for Zendesk-to-Zendesk email
Most Zendesk accounts employ triggers to automatically let users know that their email was received and a ticket was created. However, if the user is another Zendesk account, those triggers can create an infinite email loop, with one Zendesk account automatically creating a ticket and sending a message to the other account, which then automatically creates a ticket and sends a message to the first account, and so on.
To avoid this problem, Zendesk Support differentiates between automatic email notifications and all other email notifications:
- Automatic email notifications are emails generated by Zendesk Support without any action on the part of an agent. When a ticket is automatically created from an incoming email, an automatic message is sent.
- All other email notifications include emails generated by Zendesk Support based on an action performed by an agent. When an agent adds a comment to a ticket, for example, an email notification is sent.
When your instance of Zendesk Support receives an email from an end-user that it identifies as another Zendesk account, it performs the following steps:
- Creates a ticket from that email, or threads the reply back into their original ticket, using the sending email address of the requester.
- Suppresses the triggers for automatic messages.
Email notification triggers are left intact, so when an agent adds a comment to a ticket, an email notification is still sent to the Zendesk account that submitted the original email, and the following flag is added to the comment:
Partner addresses list for Zendesks you have sharing agreements with
When you send email to another Zendesk, automatic emails notifications are suppressed, but email notifications generated by an agent action are sent. This can cause problems if you have a ticket sharing agreement with the other Zendesk. In that case, it's possible to create an endless loop of notifications if the email address for the user in the CC or Requester field is the support address of a Zendesk you have a sharing agreement with.
To prevent endless loops, Zendesk Support automatically maintains a list of Zendesk partner addresses—that is, a list of all the support addresses for each Zendesk Support you have a sharing agreement with.
When a user is created in Zendesk Support, the email address is checked against the list of partner addresses, and if the address is on the list, then all email notifications, including those generated by agent action, will be suppressed to that user. On a ticket, you'll see a flag when a user on your list of Zendesk partner addresses is in the CC or Requester field. The warning flag lets you know that email will not be sent to that user.
Likewise, email sent to Zendesk Support from any email address on your partner addresses list will be rejected by Zendesk Support, because there is already a sharing agreement in place. If you need to, you can create a ticket with this user as requester and share the ticket back to the Zendesk you already have sharing agreement with.
Unique support addresses, not used for users
Your users contact you at your support addresses. If you use external support addresses (i.e. support@mycompany.com), Zendesk Support prevents mail loops by disallowing users with one of your support addresses as their email. In other words, if you have an end-user whose email address is support@example.com, you cannot enable support@example.com as a support address. If you have support@example.com as a support address, you cannot create a user with that address.
We do this to prevent notifications being sent to your support addresses. If we did send email to one of them, they would automatically forward that email back to Zendesk Support, creating another ticket. This process would then continue to loop, resulting in many tickets or comments.
Bulk mail and no-reply addresses do not create tickets
Certain emails don't create tickets by default, such as bulk mail or messages that identify as machines.
Tickets also aren't created when the sender is a no-reply address. These are mostly governed by suspended tickets. You can add the address to the allowlist if you know the sender is safe; however, doing so will increase the rate limits for that specific email address and the number of suspensions by a factor of ten. At that point, Zendesk will start to drop the traffic. Zendesk reserves the right to suspend or block any traffic exceeding safe levels. The email channel isn't designed for programmatic or automated traffic; that is the exclusive purpose of the API. Using the email channel for this type of traffic should be regarded as a temporary workaround.
When a ticket is created on behalf of a bulk sender, Zendesk suppresses automatic notifications. Agent comments will still trigger notifications, but to avoid mail loops, Zendesk suppresses any message that is sent when no comment is added. This is true when you recover these messages from suspension or add such users to the allowlist.
Fall-back limitations for ticket updates by a user within an hour
As a last resort form of prevention, Zendesk limits the number of updates a single user can make within an hour. There's a limit of 20 emails from the same user within an hour. Beyond that, the following 20 updates will be suspended. If more than 40 are received, all additional updates within that hour will be rejected (meaning they won't even create suspended tickets). This serves as a way to prevent mail loops from becoming a serious problem.
This limitation won't work if the other system doesn't use the same email address every time. Some systems use a new email address for each automated message.
You can add the address to the allowlist if you know the sender is safe; however, doing so will increase the rate limits for that specific email address and the number of suspensions by a factor of ten. At that point, Zendesk will start to drop the traffic. Zendesk reserves the right to suspend or block any traffic exceeding safe levels. The email channel isn't designed for programmatic or automated traffic; that is the exclusive purpose of the API. Using the email channel for this type of traffic should be regarded as a temporary workaround.