Hi, recently, amavis has started spooning out over some headers and munging attachments on emails. It's very random, sometimes happens and sometimes doesn't even if we send the attachment 5 times. It's impossible to accurately replicate. Here is an example of the headers on a suspect email Code: From - Thu Aug 12 18:27:38 2010 X-Account-Key: account2 X-UIDL: UID2524-1268054582 X-Mozilla-Status: 0003 X-Mozilla-Status2: 00000000 X-Mozilla-Keys: Return-Path: <[email protected]> Received: from localhost (localhost [127.0.0.1]) by server1.xxxxxxx (Postfix) with ESMTP id 1C1C7A075; Thu, 12 Aug 2010 18:26:49 +0100 (BST) X-Virus-Scanned: Debian amavisd-new at server1.xxxxxxxx.co.uk [B]X-Amavis-Alert: BAD HEADER SECTION, MIME error: error: part did not end with expected boundary[/B] Received: from server1.xxxxxx.co.uk ([127.0.0.1]) by localhost (server1.xxxxxx.co.uk [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sEiMepIFWeMU; Thu, 12 Aug 2010 18:26:48 +0100 (BST) Received: by server1.xxxxxxx.co.uk (Postfix, from userid 108) id 95476A1B6; Thu, 12 Aug 2010 18:26:48 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=g-q-r.com; s=dkim_2; t=1281634008; bh=6a9fN4hpcj/nqTz5xg3/nt8vs+qcI5xb8m8uJpQ+LpA=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version:Content-Type; b=d n/tZ0oBwNmaloeTTfmFj+F71D6fHb2OCdDSGuE72dgDGqQ1XQW5tQXqB3Am6wJRUR3p rvrT6dcgb451WhPpVMMTshOxVk1L+uPcExUExwJUrByE/o8P6Fe9gV2y01hd8slxKJl 4HHZTEZTSrNV8nkpENtXaTpl8VjTStKuskSM= Received: from WKSta08 (unknown [220.127.116.11]) (Authenticated sender: [email protected]) by server1.sm-technologies.co.uk (Postfix) with ESMTPA id 5EB31A075; Thu, 12 Aug 2010 18:26:47 +0100 (BST) From: "xxxxxxxx" <[email protected]> To: <[email protected]> Cc: <[email protected]> Subject: FW: prep - as attachment Date: Thu, 12 Aug 2010 18:28:33 +0100 Message-ID: <[email protected]> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_02D7_01CB3A4C.2C25C770" X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: Acs6KFzlgsPc2gujT5Gl4FFPdEZu3wAAaapwAANfLdA= Content-Language: en-gb X-Antivirus: avast! (VPS 100812-0, 12/08/2010), Inbound message X-Antivirus-Status: Clean I've had to chop out the email addresses for privacy, hope that's OK. Anyway the error from Amavis is in bold. I've tried stopping the header scanning in two ways, selective TLDs and turning off on everything, like so in /etc/amavis/conf.d/50-user : Code: @bypass_header_checks_maps = (); and Code: @bypass_header_checks_maps = (['.tld1.com', '.tld2.com']} However this seems to make no difference. I'm really stuck here and I've got a client balling down my neck about this and can't understand why this has happened all of a sudden. We recently updated the client machines that run Outlook 2007 to SP2 and it seems a bit coincidental with that, but I really need this to stop scanning headers first so I can get normal email resumed before I look into the cause. Any help would be REALLY appreciated. It's a fairly low power VPS running Debian 5.0 according to the HowtoForge perfect server instructions.