Error handling

IBM® MQ Advanced Message Security defines an error handling queue to manage messages that contain errors or messages that cannot be unprotected.

Defective messages are dealt with as exceptional cases. If a received message does not meet the security requirements for the queue it is on, for example, if the message is signed when it should be encrypted, or decryption or signature verification fails, the message is sent to the error handling queue. A message might be sent to the error handling queue for the following reasons:

Quality of protection mismatch - a quality of protection (QOP) mismatch exists between the received message and the QOP definition in the security policy.
Decryption error - the message cannot be decrypted.
PDMQ header error - the IBM MQ AMS message header cannot be accessed.
Size mismatch - length of a message after decryption is different than expected.
Encryption algorithm strength mismatch - the message encryption algorithm is weaker than required.
Unknown error - unexpected error occurred.

IBM MQ Advanced Message Security uses the SYSTEM.PROTECTION.ERROR.QUEUE as its error handling queue. All messages put by IBM MQ AMS to the SYSTEM.PROTECTION.ERROR.QUEUE are preceded by an MQDLH header.

Your IBM MQ administrator can also define the SYSTEM.PROTECTION.ERROR.QUEUE as an alias queue pointing to another queue.