Emails with Outlook 2003\2007 stationery getting rejected

Hello,
Since the end of November at least, a number of our users are reporting that when some people try to reply to their email, they are getting rejection messages stating:

"This is the Spam & Virus Firewall at barracuda.(domain).
I'm sorry to inform you that the message below could not be delivered. When delivery was attempted, the following error was returned.

<senders email address>: host 172.21.0.57[172.21.0.57] said: 554 5.6.0 Invalid content (in reply to end of DATA command)"

The emails are being allowed through the Barracuda firewall device. The message is then rejected on our EDGE Exchange email server that uses ESET Mail Security for Exchange 4.3.

The messages are seen in the Antispam log of ESET with a score of 90.

We have determined that the reason is because of the Stationery Themes in our user's original email message that was used in a reply. Most likely culprit is the LEAVES stationery theme. ESET is seeing the add-on graphics as indicators of spam.

Please note, these are users who have been upgraded from Office 2003\2007 to now using Office 2010. So, this stationery is a carry over form the previous version. I have fresh install of Office 2010 and I am unable to find the LEAVES stationery theme.

 

Have you tried setting Outlook to only read all email in plain text for all users? This should remove any previous stationary from replies and resolve the email rejection issue.

 

Hello Dwomack,
that would work for our in-house Outlook users. However we are not able to tell outside users to do that. And how many outside users use Outlook anyway?

 

Now, Eset Email for Exchange is now blocking random emails from the same sender. Some emails will come through, while others will be rejected. See attachment.

And to further clarify that this is an ESET rejection, the user sending the emails is on our Firewall's Whitelist.

On the ESET Antispam Log Files on our Edge server for the user, I'm seeing:

Non-specific spam indicator (100%) retained
Spammy keyword Free stuff (59%) retained
Sender has spammy reputation (54%) rejected
Non-specific spam indicator (100%) retained
Custom spam phrases (100%) retained
Spammy keyword Advance Fee Fraud (57%) retained
Sender has spammy reputation (100%) retained
Generic spam indicator (54%) rejected
Sender has spammy reputation (50%) rejected
Sender has spammy reputation (100%) retained
Sender has spammy reputation (67%) rejected

This guy is basically forwarding internet stories, jokes, friendly daily sayings, news items, etc.

In this case, there is no Theme or Stationary causing conflict.

Is the only way to fix this to add the user's email server to the antispam approved IP list under Antispam Engine Setup?