This discussion has been locked.

Only outbound email is quarantined.

 Only outbound email is being quarantined, mostly when spam is sent to an invalid address (the "undeliverable" message is quarantined) or when spam is sent to users with out-of-office turned on.  Here's an example of the former:

 

Delivery has failed to these recipients or groups:

user@baptisthomes.org<mailto:user@baptisthomes.org>
The email address you entered couldn't be found. Please check the recipient's email address and try to resend the message. If the problem continues, please contact your email admin.

Diagnostic information for administrators:

Generating server: MailServer.baptisthomes.org

User@baptisthomes.org
Remote Server returned '550 5.1.10 RESOLVER.ADR.RecipientNotFound; Recipient not found by SMTP address lookup'

Original message headers:

Received: from mailserver.baptisthomes.org (192.168.120.70) by
 BHS-EX16-01.baptisthomes.org (192.168.120.70) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id
 15.1.544.27; Mon, 9 Jan 2017 07:07:54 -0500
Received: from bhutm9.baptisthomes.org (192.168.1.2) by
 mailserver.baptisthomes.org (192.168.120.70) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id
 15.1.544.27 via Frontend Transport; Mon, 9 Jan 2017 07:07:54 -0500
Received: from mta9.wanwul.us ([104.129.48.234]:48180 helo=wanwul.us)
        by bhutm9.baptisthomes.org with esmtp (Exim 4.82_1-5b7a7c0-XX)
        (envelope-from <wrinkly@wanwul.us>)
        id 1cQYjG-000416-0D
        for user@baptisthomes.org; Mon, 09 Jan 2017 07:07:45 -0500
Subject: Get a new Alarm Special + $100 Visa Gift Card Bonus from Protect Your Home
From: ADTAuthorizedDealer <riddled@mughal.wanwul.us>
To: <user@baptisthomes.org>
Date: Mon, 9 Jan 2017 04:06:38 -0800
Content-Type: multipart/related;
        boundary="0bb548aeb2531700ea09429c9d130813a"
MIME-Version: 1.0
Message-ID: <0.0.0.1A.1D26A70E1BC1278.1CD482@wanwul.us>
Return-Path: wrinkly@wanwul.us

Here's my current configuration:
  • I registered for the Barracuda RBL, and I have zen.spamhaus and bl.spamcop configured, as well as the two default RBLs that Sophos uses.
  • I have confirmed spam set to be rejected at SMTP time, and all actions in the spam filter are to quarantine.
  • Everything is checked under advanced spam filtering, including strict RDNS Checks.
Thank you.



  • Here's a snapshot of a message in quarantine.

     

    As you can see, the incoming spam message is not being filtered, but the bounce message is:

     

     

    Here's a snapshot of part of the quarantine.  Everything is outbound.

     

  • OK, James, I see now that these are all bounces by your mail server.  In fact, these emails never should have been forwarded to your mail server.  Let's start from scratch.

    • Even if you're not using Exchange, try the configuration recommended in Basic Exchange setup with SMTP Proxy.
    • On the 'Routing' tab, make sure that 'Recipient Verification' is not "Off" and tell us what setting you have.
    • On the 'Malware' tab, confirm that 'Reject malware during SMTP transaction' is selected.
    • On the 'Antispam' tab:
      • Confirm you have 'Reject at SMTP time: Confirmed spam'.
      • In 'Advanced anti-spam features', select everything but 'Greylisting'.
    • On the 'Exceptions' tab, disable any Exception for Antispam or Antivirus.

    If my guess is on-target, emails to non-existent accounts should no longer be forwarded to the mail server by the SMTP Proxy.  To find out which of your Exceptions was causing the problem, re-enable them one at a time.

    Any luck with that?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Bob,

    I did have a lengthy exceptions list that I imported from the Sendio appliance.  I have disabled the entire list, but I'm certain there are some that I will have to re-enter.  I will need to test over the weekend outside of business hours.  I will let you know how it goes.

     

    Thanks
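
The symptom Bob's checklist targets can be confirmed from the bounce itself. The following is an added example (not code from the thread or from Sophos) that walks the `Received` headers quoted in the first post, abridged by dropping the TLS details, and checks whether the host that took the message from the Internet is different from the server that generated the NDR. The function names `hops`, `edge_acceptor` and `is_backscatter` are hypothetical.

```python
import ipaddress
import re
from email.parser import HeaderParser

# NDR fields and headers copied from the bounce in the first post (TLS details dropped).
NDR_GENERATING_SERVER = "MailServer.baptisthomes.org"
ORIGINAL_HEADERS = """\
Received: from mailserver.baptisthomes.org (192.168.120.70) by
 BHS-EX16-01.baptisthomes.org (192.168.120.70) with Microsoft SMTP Server
 id 15.1.544.27; Mon, 9 Jan 2017 07:07:54 -0500
Received: from bhutm9.baptisthomes.org (192.168.1.2) by
 mailserver.baptisthomes.org (192.168.120.70) with Microsoft SMTP Server
 id 15.1.544.27 via Frontend Transport; Mon, 9 Jan 2017 07:07:54 -0500
Received: from mta9.wanwul.us ([104.129.48.234]:48180 helo=wanwul.us)
        by bhutm9.baptisthomes.org with esmtp (Exim 4.82_1-5b7a7c0-XX)
        (envelope-from <wrinkly@wanwul.us>)
        id 1cQYjG-000416-0D
        for user@baptisthomes.org; Mon, 09 Jan 2017 07:07:45 -0500
Return-Path: wrinkly@wanwul.us
"""

# Matches both the Exchange form "(1.2.3.4)" and the Exim form "([1.2.3.4]:port helo=...)".
HOP = re.compile(r"from (\S+) \(\[?([0-9.]+)\]?[^)]*\) by (\S+)")

def hops(raw):
    """Return (sending host, sending IP, receiving host) per hop, oldest first."""
    received = HeaderParser().parsestr(raw).get_all("Received", [])
    found = [HOP.search(" ".join(value.split())) for value in received]
    return [m.groups() for m in reversed(found) if m]

def edge_acceptor(raw):
    """Host that accepted the message from a public (non-RFC 1918) address."""
    for _sender, ip, by_host in hops(raw):
        if ipaddress.ip_address(ip).is_global:
            return by_host
    return None

def is_backscatter(raw, generating_server):
    """True when an inner server bounced mail the edge had already accepted."""
    edge = edge_acceptor(raw)
    return edge is not None and edge.lower() != generating_server.lower()

if __name__ == "__main__":
    print("edge host:", edge_acceptor(ORIGINAL_HEADERS))
    print("backscatter:", is_backscatter(ORIGINAL_HEADERS, NDR_GENERATING_SERVER))
```

A `True` result means the recipient was accepted at the gateway and rejected only later by the internal mail server, which is the situation recipient verification at SMTP time is meant to prevent.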