I noticed messages in my /opt/zimbra/data/amavisd/quarantine directory and as I started looking into them, I noticed that they all had been delivered except for the ones tagged as having a virus (which we will ignore going forward).
All of the files had a filename syntax of "badh-XXXXXXXXXXX", where the X's were random characters.
The appear to all be messages that had some kind of error in their header. Either an invalid character or a duplicate field...
X-Amavis-Alert: BAD HEADER SECTION Non-encoded 8-bit data (char __ hex):
X-Amavis-Alert: BAD HEADER SECTION Duplicate header field: "Message-ID"
X-Amavis-Alert: BAD HEADER SECTION Duplicate header field: "To"
I would have expected all of these to be "held" rather than delivered. Certainly they shouldn't appear in a quarantine folder and then still be delivered.
Has anyone else see this? Does anyone know how to keep them from being delivered to the user?
Thanks to you all in advance,