Mail Server: Zimbra 6.0.9
Spam-Firewall: Barracuda Spam Firewall 300 (Firmware v6.1.5.006)
All spam firewalls only work so well, and unfortunately some spam will come through. Incoming spam will often attempt to send messages to invalid addresses on a valid domain. Zimbra reacts by trying to send a Non Delivery Report to the malicious sender (who spoofs an invalid address/domain). Barracuda cannot establish a connection with this spoofed address, and leaves the NDR in the Outbound-Queue in a deferred state.
These failed NDRs are simple to delete from the Outbound-Queue, but can pile up if unattended, on occasion over the limit (100) which email alerts are sent. Can Barracuda automatically delete these messages more quickly than the default 48 hour purge period? It would be helpful if there is a way to do this without disabling NDRs, instead to delete them if they appear to be non-deliverable.
Spam should obviously be mitigated as much as possible to prevent this scenario. But as mentioned, some spam will (and does) always come through.
You can try to reject emails to invalid recipients at the spam firewall level or at mta.
Barracuda spam firewall offeres Recipient Verification using different methods (LDAP Lookup, Explicit Users lists to Accept For).
And also: What methods of recipient verification are available on my Barracuda Spam Firewall? How do they work?
Zimbra also offers similar capability (which is based on postfix).
Details instructions here: Discarding Emails Sent to Invalid Addresses
As for changing the default value of 48 hours, in advanced configuration, there supposed to be a hidden expert variables tab which may allow you to set some special values. You may try to adjust it there. But be careful and better consult the technical support before changing anything.
Here is how to access the hidden tab: http://www.booches.nl/2009/05/secret-barracuda-spam-firewall-options/
&expert=1at the end of the url after the Advanced page is fully loaded and then press enter.