Mail sent from an address which is in a HAT group with "Relay" behaviour specified will be treated as outgoing - so have the Outgoing mail policy applied.  You presumably don't have media attachements blocked on your outgoing policy.Quarantines aren'...

I have recently been looking in to something which sounds very similar Looking at the Incoming Mail report (by IP) I was seeing (IP address and domain info obfuscated): Sender IP AddressHostnameDNS VerifiedSBRSLast Sender GroupTotal AttemptedStopped...