The behaviour is a design. It is a restriction enforced when a contact, who's Access Type does not have the licensed checkbox checked, sends the email to generate the Incident.
See the screenshot below:
Administration tab > Security and Role Management > Access Type > Employee > 'Licensed?' check box.
Contacts with a non-licensed Access Type can view and update the personal data only.
In this example email body below the Cust1 contact has the Employee Access Type. Therefore, the group value 'Group1' was not set on the generated incident.
As a workaround, if the '%CUSTOMER_NAME=' parameter is omitted from the body of the email, the group attribute will be set on the generated incident. In this case, the customer will automatically be set to the contact who's email address matches that of the sender of the email. That contact however, must have an Access Type that has the licensed option checked.