Tumbleweed is not aware of any vulnerability in the Email Firewall product that would cause messages to bypass the policy engine. It is possible that the symptoms you are observing are as a result of a configuration problem. Please contact our global support team who can assist you in diagnosing and resolving any issue you may have.