I've got a few remote senders whose messages my server is rejecting and putting this in syslog: Blocked BAD-HEADER-0 {RejectedInbound,Quarantined}
This is strange, I cannot find a code path which sets CC_BADH without setting the minor > 0.
How do I determine what exactly is wrong with the header that the remote server is sending?
What is your log_level and do you see "check_header: " log lines?
If I can't get the remote site to fix their stuff, is there a way to bypass the header check for their domains only?
If they DKIM-sign their mails, you can use author_to_policy_bank_maps and disable header checks inside such policy_bank.
