Hi there, I've an untangle 11.2 installation that doesn't parse some of the email going through it, even though they show just fine in the spamblocker lite interface.
At the moment I can even recreate the problem since one of the email that skip virus lite check is hold in an antispam server before untangle, and when I try to redeliver the mail, it skipp virus lite check all the time. The mail contain a virus but I don't care if it's reported clean or infected, I just wish it was checked at all.
I've enabled the adding header option in the spamblocker, and in the report I can see the mail getting a score (1.7) and when I check the complete MIME for the mail, I can see the spam headers added by untangle.
There is no track however of such mail in the virusblocker lite.
The attachment is a zip with an exe inside.
I'v made sure the "zip" extensions is specified in the advanced options in virus lite. I even added all the mime types used in the email in question (application/* , text/* , multipart/* added to the default message/* ).
Still no luck..

This is the spamblocker lite report where I can see the email going through untangle:
spamlite_untangle.png

This is part of the email mime
Code:
 Received: from ---
by ---
with ESMTP id 2016030808480847-352 ;
Tue, 8 Mar 2016 08:48:08 +0100 
(cut)
From: --sender--
To: <piero_piutti@mydomain.it>
Subject: Invio Fattura Mese di Marzo 2016
MIME-Version: 1.0
X-Priority: 3 (Normal)
Message-ID: <8b1ffaf121.7Cf0a93f.6d70c14F9D9EAb@ekbbqc.prepl.tv>
X-MIMETrack: Itemize by SMTP Server on --- at
08/03/2016 08:48:00,
Serialize by Router on --- at
08/03/2016 08:48:00,
Itemize by SMTP Server on --- at
08/03/2016 08.48.08,
Serialize by HTTP Server on --- at
08/03/2016 08.51.13
X-spam-status: No, score=1.7 required=5.0 tests=RCVD_IN_DNSWL_NONE,FREEMAIL_FROM,SPF_HELO_PASS,RCVD_IN_SORBS_WEB,SPF_SOFTFAIL,FREEMAIL_ENVFROM_END_DIGIT,URIBL_BLOCKED,BAYES_40,HTML_MESSAGE
X-Spam-Flag: NO
Content-Type: multipart/mixed;
boundary="----=a__mty_2_218_478"

------=a__mty_2_218_478
Content-Type: multipart/alternative;
boundary="----=_mty_2_218_478"

------=_mty_2_218_478
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset="utf-8"

In allegato trasmettiamo ns fattura in oggetto .Cordiali saluti. - Uff. a=
mministrazioneAi sensi del Decreto Legislativo n. 196/2003, si precisa ch=
e le informazioni contenute in questo messaggio e negli eventuali allegat=
i sono riservate e per uso esclusivo del destinatario. Persone diverse da=
llo stesso non possono copiare o distribuire il messaggio a terzi. Chiunq=
ue riceva questo messaggio per errore, č pregato di distruggerlo e d=
i informare immediatamente: info@mobilia.it Sebbene questa e-mail e gli a=
llegati debbano ritenersi privi di qualsiasi virus č responsabilit&#=
224; del ricevente accertare che non ne siano affetti.
------=_mty_2_218_478
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
charset="utf-8"

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; charset=3Dutf-8">
<STYLE></STYLE>
</HEAD>
<BODY>
<div>
In allegato trasmettiamo ns fattura in oggetto .<br>
Cordiali saluti.<br>
- Uff. amministrazione
</div>

<p><font size=3D"2"><span>
Ai sensi del Decreto Legislativo n. 196/2003, si precisa che le informazi=
oni contenute in questo messaggio e negli eventuali allegati sono riserva=
te e per uso esclusivo del destinatario. Persone diverse dallo stesso non=
possono copiare o distribuire il messaggio a terzi. Chiunque riceva ques=
to messaggio per errore, č pregato di distruggerlo e di informare im=
mediatamente: info@mobilia.it Sebbene questa e-mail e gli allegati debban=
o ritenersi privi di qualsiasi virus č responsabilitą del ricev=
ente accertare che non ne siano affetti.</span></font>
</BODY></HTML>

------=_mty_2_218_478--

------=a__mty_2_218_478
Content-Type: application/zip; name="2016 - Fattura Mese di Marzo.zip"
Content-ID: <007201d17865$4157acf0$3201a8c0@25416B4R>
Content-Transfer-Encoding: base64

(cut --- attchment code follow)