At least one open source virus scanner has a cookbook config that treats
.eml as an "executable attachment" and discards email that has a .eml
It turns out tha message I forwarded had a "null.eml" attachment
that I did not notice and remove.
I am now being mailbombed by AV software all over the place!
The attachment is rfc822, it has a null name. Looks ok to me.. broken AV?