I'm getting bounces out of the system when an infected message arrives. The message is being sent to admin@first.domain notifying the administrator that the message wasn't delivered, but *that* administrative notification bounces with "Undelivered Mail Returned to Sender". The admin address in question is an alias on root@first.domain, which is forwarded to our primary root address. There's no particular error given, just that it couldn't be delivered:

May 7 11:39:32 zmail01-mta02 postfix/smtpd[18669]: E177B7010D: client=localhost.localdomain[127.0.0.1]
May 7 11:39:32 zmail01-mta02 postfix/cleanup[27751]: E177B7010D: message-id=<VAlZf19FzdaE-P@zmail01-mta02.server.peak.org>
May 7 11:39:33 zmail01-mta02 postfix/qmgr[17354]: E177B7010D: from=<admin@zmail01.peak.org>, size=2428, nrcpt=1 (queue active)
May 7 11:39:33 zmail01-mta02 amavis[20461]: (20461-08) SEND via SMTP: <admin@zmail01.peak.org> -> <admin@zmail01.peak.org>,ENVID=AM..20090507T183932 Z@zmail01-mta02.server.peak.org 250 2.6.0 Ok, id=20461-08, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as E177B7010D
May 7 11:39:33 zmail01-mta02 postfix/error[30629]: E177B7010D: to=<admin@zmail01.peak.org>, relay=none, delay=0.32, delays=0.12/0.12/0/0.08, dsn=5.0.0, status=bounced (zmail01.peak.org)
May 7 11:39:33 zmail01-mta02 postfix/bounce[30630]: E177B7010D: sender non-delivery notification: 3ED4470109
May 7 11:39:33 zmail01-mta02 postfix/qmgr[17354]: E177B7010D: removed

It *looks* like what's happening is that the message to the recipient is including the full original message, including the virus, and thus getting blocked, causing the sender of the quarantine notice (i.e. admin) to get the bounce. I don't see how recipient notices can ever work that way:

May 7 11:39:31 zmail01-mta02 amavis[20461]: (20461-08) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20090507T111516-20461: <office@avicolaiasi.ro> -> <original-recipient@recip.domain> SIZE=41905 Received: from zmail01-mta02.server.peak.org ([127.0.0.1]) by localhost (zmail01-mta02.server.peak.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <original-recipient@recip.domain>; Thu, 7 May 2009 11:39:31 -0700 (PDT)
May 7 11:39:31 zmail01-mta02 amavis[20461]: (20461-08) Checking: lZf19FzdaE-P [213.233.64.128] <office@avicolaiasi.ro> -> <original-recipient@recip.domain>
May 7 11:39:32 zmail01-mta02 amavis[20461]: (20461-08) local delivery: <> -> <virus-quarantine>, mbx=/opt/zimbra/data/amavisd/quarantine/virus-lZf19FzdaE-P
May 7 11:39:33 zmail01-mta02 amavis[20461]: (20461-08) SEND via SMTP: <admin@zmail01.peak.org> -> <admin@zmail01.peak.org>,ENVID=AM..20090507T183932 Z@zmail01-mta02.server.peak.org 250 2.6.0 Ok, id=20461-08, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as E177B7010D
May 7 11:39:33 zmail01-mta02 amavis[20461]: (20461-08) SEND via SMTP: <admin@zmail01.peak.org> -> <original-recipient@recip.domain>,ENVID=AM..20090507T183933Z @zmail01-mta02.server.peak.org 250 2.6.0 Ok, id=20461-08, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 130A17010F
May 7 11:39:33 zmail01-mta02 amavis[20461]: (20461-08) Blocked INFECTED (Worm.SomeFool.P), [213.233.64.128] [213.233.64.128] <office@avicolaiasi.ro> -> <original-recipient@recip.domain>, quarantine: virus-lZf19FzdaE-P, Message-ID: <20090507183925.9F28670109@zmail01-mta02.server.peak.org>, mail_id: lZf19FzdaE-P, Hits: -, size: 41905, 1650 ms
May 7 11:39:33 zmail01-mta02 amavis[20461]: (20461-08) extra modules loaded: PerlIO.pm, PerlIO/scalar.pm
May 7 11:39:33 zmail01-mta02 postfix/smtp[27874]: 9F28670109: to=<original-recipient@recip.domain>, relay=127.0.0.1[127.0.0.1]:10024, delay=7.9, delays=6.2/0/0.01/1.7, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=20461-08 - VIRUS: Worm.SomeFool.P)


By "first.domain", I mean the first test domain I configured when I was setting up zimbra; it's *not* the default domain, nor is it admin@the-recipients-domain, either of which would make more sense...

A related issue is that the wiki says (Zimbra MTA - Zimbra :: Wiki) that admin notification is set by default, but it doesn't say how to change that, which I would expect to be right next to the recipient notification button in the global settings/as/av section. I would also recommend that the recipient notifications be a user configurable option, as I could see different users having different preferences...