Tuesday 26th July 2016 16:16
1. Check the ruleset files
(usr/mailscanner/etc/rules/spam.scanning.rules and virus.scanning.rules)
to see if it actually is listed correctly in there.
2. If it is correct in the ruleset files, make sure that if you are
forwarding another domain's emails to this domain, that domain also has
the same setting in the cPanel front-end and the ruleset files.
3. If the ruleset files are not correct, restart crond (type 'service
crond restart' at the shell prompt), wait 10 minutes and check the
ruleset files again to see if it is now correct.