winmail.dat

Jim Holland mailscanner at mango.zw
Fri Jan 27 09:30:58 GMT 2006 

On Thu, 26 Jan 2006, Kevin Miller wrote:

> > I have long had complaints from users who are unable to open these
> > things called winmail.dat because they aren't using MS Outlook.  So I
> > consider it a plus that they now receive the message with the
> > winmail.dat file removed and a helpful notice in its place . . .
> > 
> > It sounds as if some correspondents are having the full message
> > blocked, and not just the attachment.  I assume that this is because
> > they have not set:
> > 
> > 	Deliver Cleaned Messages = yes
> > 
> > in MailScanner.conf
> > 
> > Mostly the files don't contain anything important, so can be ignored,
> > but sometimes they do have documents or image files etc which the
> > users do want to receive.  I would consider it a definite plus if
> > there was an option to extract the contents and send them along
> > instead - similar to the "Convert HTML To Text" option already
> > available. 
> 
> So what do you have in your filename and filetype conf files?  How are
> you filtering the winmail.dat?

I am just using MailScanner 4.50.10-1 beta with the default blocking and 
slightly modified comments:

filename.rules.conf:

   JKF 11/01/2006 Another Microsoft security vulnerability
   deny    winmail\.dat$           Windows security vulnerability
                                   Microsoft Outlook Rich Text Format 
   attachments blocked due to security hole - ask sender to use plain text 
   or HTML instead

filetype.rules.conf:

   deny    TNEF            Windows security vulnerability
                           No Outlook Rich Text Format attachments due to 
   security hole - ask sender to use plain text or HTML instead

   deny    Transport Neutral Encapsulation Format          Windows 
   security vulnerability         No Outlook Rich Text Format attachments
   due to security hole - ask sender to use plain text or HTML instead

In all the cases I have checked so far I have found that the recipients 
were not using MS Outlook, so would not have been able to read the files 
anyway.

I do also like the suggestion of an automated bounce to sender asking them 
not to use this format - one of the rare cases where a bounce to sender is 
very unlikely to do harm and should cause some good.

Regards

Jim Holland
System Administrator
MANGO - Zimbabwe's non-profit e-mail service

More information about the MailScanner mailing list