Spent hours today looking for a solution and I'm pretty confused, so I hope this makes sense.
I am running ZCS 7.x
AV is set to not block encrypted attachments, PDFs generally come through fine.
Problem: Few, maybe 2 per week, non-encrypted PDFs, get marked as having a Virus, always from known and trusted individuals. Is there a way to whitelist just these known individuals and get these through?
— OR —
I would even be happy to be able to "release" these manually to the recipients, but the various methods described in these forums, don't work for me. The quarantined files do not show up in the /opt/zimbra/data/amavisd/quarantine folder. I can't find where Zimbra is putting these quarantined files that it notifies me of. The quarantine folder does have files, all starting with "badh" or "banned", but none that start with "virus", which is what the notification email tells me the filename will be.
Are locations different in ZCS 7? I've done full file searches for the virus filename and can't locate it. Are they stored in MySQL now?
Any way to "release" these or whitelist known users so their attachments always come through?