Good points. I was thinking along the same things. PDF is not protected or encrypted. I've increased amavisd logging but don't see any messages identifying it as spam or as a virus and "defanging" it. I suspect it may have to do with Webapp. Turning off the PDF box plugin on the user had not effect. I've been able to get the same response on another COS7 Business/Zarafa 7.2 community box.

I've tested to an exchange server, COS5.2/Zarafa 7.1.0, and COS 6/7.0.15 which all forward with the pdf attachment with the mail.

Workaround for now is to download it and reattach it to the mail. Will try imap next.

Outlook via IMAP forwards the attachment without issue.

You may also want to check the setting in Webconfig > Gateway > Antimalware > Gateway Antivirus for Block Encrypted Files. If it is not this, you may have to turn on debugging in amavis to see what is happening.

Can you check your mail logs with something perhaps like:

grep amavis /var/log/maillog

It will show a huge amount of entries, but if you can do a specific test and then look around that time for any messages.

Agree with Ben. You can check the log files to see if you are getting malware detections.

Are you certain it's Zarafa that is the problem? Sometimes, encrypted, or password protected PDF's get caught in the malware detection engine. It may have nothing to do with Zarafa.

Since you're on ClearOS 7, there is an upgrade path...and it's not as bad as going from ClearOS 6.

https://www.clearos.com/resources/documentation/clearos/content:en_us:7_kb_zarafa_to_kopano_upgrade

https://www.clearos.com/resources/documentation/clearos/content:en_us:kb_kopano_upgrade_8.5.8

B