Configure a manual pass through whenever you have a trusted relay server which sends you unfiltered traffic, the volume of mail will be enough to trigger an attack. However, in order for an attack rule to trigger, the majority of email from the source needs to fit the content profile of a DHA (little or no message content), email bomb (large messages), spam attack (spam messages), or virus outbreak (virus-laden messages). Once the second criteria is met, then an attack block will be triggered. Since the server is trusted, you know that it is not initiating the attack, so you should set a pass through to prevent automatic attack blocking from preventing all traffic from the server.
