After implementing the AllowMalformedContainerTypes key per How to allow malformed containers with Symantec Mail Security for Microsoft Exchange (SMSMSE) 6.5.5 or later, additional message content such a read/delivery receipts and non-delivery reports are being deemed Malformed.
In the application event log, an event ID 218 with details similar to the following is written:
The message "<subject>" located in <location> has violated the following policy settings:
Rule: UFR - Malformed Files
The following actions were taken on it:
The message "<subject>" was <action> for the following reason(s):
Scan Engine Error. CSAPI DEC result: 0xA. A malformed container is detected. Engine Name: MIME.
By default, SMSMSE allows Malformed MIME containers. When implementing the AllowMalformedContainerTypes key, the MIME value is overwritten unless it is included in the value data.
Add the MIME value to the AllowMalformedContainerTypes key. For example, if the AllowMalformedContainerTypes key was created with the value PDF, change the value to PDF MIME: