Mass Duplicate Email / Notifications Issue

Hi @alyssia.correa.

Can you take a look into this?

Regards,

Elvis

Thanks, appreciate it. I’ve requested escalation multiple times. Support is acting like it’s fixed by unblocking the requester but obviously it’s going to happen again.

The issue is on Freshworks’ email server but it doesn’t seem like support knows how to troubleshoot that as they keep looking in our admin settings. Very frustrating and I’m beginning to think we need to move to another product based on my last few technical support issues. 
 

I’ll reach out to my CSM, thanks. 

Thanks @eeha0120 -

The email is from Freshworks server though.  I’ll try to explain more below

End User Sends email to suppor@OurDomain --- Fwded to Freshworks email proxy --- Opens a ticket and emails Requester that a ticket has been opened… also emails any other email address CCed on the actual email.

This has been setup this way for 3 years, no issues.  The end user used multiple devices, so that rules that out.  I thought maybe they had cloud Outlook rules that were setup to fwd emails, that is not the case.  I checked to see if they were apart of any shared inboxes of distribution groups involved, they are not.  

What convinced me that it was on the Freshworks email side - As soon as they blocked the end user, ALL duplicate emails stopped.  If it was on our side, the duplicate emails would continue to the other users but they stop the moment Freshworks blocks the user.  Email logs on Freshworks side will likely reveal the cause and maybe there is something on our side that we need to adjust but I am powerless without those logs.  Only support can help and we are going on 3 weeks with no resolution. 

Hi.

Thanks for sharing these additional details on your case.

I was asking about your domain SPF records and DKIM enabled just for that, because of the spoofing possibly been sent, which you have just confirmed.

We could analyze one of the emails the CC’ed are receiving in order to understand a little bit more or even trying to help FW to diagnose, if you wish. DM if you are willing to.

But now I’m a little even more intrigued about this, as you see in ticket activities the replies being sent.

If it were something on FW outsourced email service, you wouldn’t notice the updates on ticket activities, so, this is something happening in a higher level than email. Email, I guess and think, is only processing what it is requested to do. Something on the FD side itself is “replying” and hence the emails are being sent. But I completely follow without further information.

Yes, definitely logs would help a lot.

Once again, thanks for sharing. Hope you get the proper help on this odd case. If I can be of further help, DM!

Regards,

Hi @BobbyBMore - this may seem rudimentary but ….

The only time I’ve seen a similar ticket storm is when a Help Desk email (e.g. support@customer) emails our support@fsvc and we create a ticket and our acknowledgement email goes out and their HD creates a ticket and sends an acknowledgment email which creates a new ticket on FS and then we reply and round and round we go.

Usually, I handle that through Supervisor Rules to check the inbound email and if it’s from support@customer then do not send acknowledgment email.

I have turned off the automated New Ticket auto in Email Notification bc of the risk of ticket storms - we have a lot of MSP customers with their own HD portal.

→ Yes, FS uses an authorized “spoof” of our domain names so that emails go out from FS looking like our support@ourdomain email acct sent them even though they definitely were sent by FS.

My other thought was to double check Email Settings and Mailboxes to confirm that the email account that receives the inbound email and then forwards to FS is set up correctly and that the forward is not duplicated or has some other rule that is creating the spam situation.

HTH
Bryn