Virus Scanner -- Mail Sent in Outlook Rich Text Format

Nick Phillips nwp at LEMON-COMPUTING.COM
Tue Oct 9 16:30:20 IST 2001

On Tue, Oct 09, 2001 at 04:11:31PM +0100, Julian Field wrote:
> At 16:04 09/10/2001, you wrote:
> >Something from one of my Administrators.. What should I tell him?

That since the messages can not be checked unless they can be unpacked,
they should really be blocked. If that is unacceptable, then users should
be educated/forced not to use that ridiculous format.

You could also try manually unpacking some of the attachments with the
tnef decoder, to see whether it's working correctly (don't forget that you
need different binaries on different systems), and if so, how much
time + memory + CPU it is likely to take.

> I have tried to get the file format spec out of Microsoft, but to no avail :-(

Oh, I might also recommend that when a winmail.dat is blocked, a message
explaining why should be returned to the sender. Possibly including a phone
number for them to contact Microsoft and ask what they think they're playing
at ;)

Given the recent Gartner Group report that recommends businesses dump IIS
because MS are incapable of securing it (see if it's working), maybe they'll start to take things
like this a little more seriously.

Some hopes.

Nick Phillips -- nwp at
You have been selected for a secret mission.

More information about the MailScanner mailing list