How to prevent end-users from sending out WINMAIL.DAT attachments

Created by Abderrahim Ibnou el kadi, Modified on Mon, 9 Dec at 4:53 PM by Yves Lacombe


Situation: Message contains an attachment called WINMAIL.DAT which cannot be opened. The original message may or may not have contained an attachment.

Solution: WINMAIL.DAT files are an indication that a message was sent with a TNEF (Transport Neutral Encapsulation Format) formatted attachment. There are several steps that can be taken by the sender to prevent messages from being sent with TNEF attachments.

 

What Is TNEF (Transport Neutral Encapsulation Format)? 

TNEF is a proprietary format used by Microsoft Outlook and Microsoft Exchange for sending email attachments. TNEF encoded attachments are typically named WINMAIL.DAT (or sometimes WIN.DAT). TNEF encoding is performed when the message is created, and the software used to send the message determines whether or not to encode the attachments with TNEF. Outlook and Exchange offer a message formatting option called Rich Text (or RTF - Rich Text Format). When a message is formatted as Rich Text, the attachments will be formatted with TNEF, so the terms are sometimes used synonymously. RTF refers to the message format and TNEF refers to the attachment format. There are several different places where this formatting can be selected and controlled.

FROM CLIENT (MICROSOFT OUTLOOK):

  1. From the main MS Outlook screen, navigate to File > Options > Mail.
  2. Make sure in the Compose messages section that Compose Messages in this format: is set to HTML OR Plain Text (not Rich Text).
  3. Scroll down to the Message format section (almost to the bottom).
  4. Make sure When sending messages in Rich Text format to Internet recipients: is set to Convert to HTML format OR Convert to Plain Text format (do NOT select Send using Outlook Rich Text format).

The Outlook settings above do not completely stop TNEF from being used for some messages.

Microsoft Exchange can have certain recipient domains designated as Remote Domains, and individual recipients can be defined as External Contacts. Exchange can be configured to use RTF when sending to these domains or contacts, even when the Outlook client has other formats selected. You must therefore also follow the instructions below for configuring Exchange to never use RTF (or TNEF).

From Server (Microsoft Exchange)

FOR EXCHANGE 2013, EXCHANGE 2016, AND EXCHANGE 2019 (INCLUDING OFFICE 365), CONFIGURE REMOTE DOMAINS TO NOT USE RTF

  1. Enter the Exchange Admin Console.
  2. Navigate to Mail Flow > Remote Domains.
  3. Ensure each domain in the list (including Default) has Use rich-text format set to Never.
  4. Click Save.

FOR EXCHANGE 2013, EXCHANGE 2016 AND EXCHANGE 2019 (INCLUDING OFFICE 365), CONFIGURE EXTERNAL CONTACTS TO NOT USE RTF

  1. This must be done using PowerShell, as it cannot be performed within the Admin Console. Run the following commands in Windows PowerShell:
     Set-MailContact -Identity <ExternalEmailAddress or GUID> -UseMapiRichTextFormat Never
     Set-MailContact -Identity <ExternalEmailAddress or GUID> -UsePreferMessageFormat $True
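
To find every remote domain and external contact that can still produce TNEF, rather than checking them one at a time, the two procedures above can be audited from the shell. This is an added example, not part of the original article. It assumes an Exchange Management Shell or Exchange Online PowerShell session, and it assumes that the `TNEFEnabled` property of a remote domain is the shell counterpart of the "Use rich-text format" setting (`$false` = Never).

```powershell
# Added example: audit Exchange for settings that still allow TNEF (WINMAIL.DAT).
# Run in the Exchange Management Shell or after Connect-ExchangeOnline.

# Remote domains: TNEFEnabled is $true (always), $null (follow user settings)
# or $false (never). Anything other than $false can still emit TNEF.
$domains = @(Get-RemoteDomain |
    Where-Object { $_.TNEFEnabled -ne $false })

# External contacts: flag any contact whose rich-text setting is not "Never".
$contacts = @(Get-MailContact -ResultSize Unlimited |
    Where-Object { "$($_.UseMapiRichTextFormat)" -ne 'Never' })

Write-Host "Remote domains that may send TNEF: $($domains.Count)"
$domains | Format-Table Name, DomainName, TNEFEnabled -AutoSize

Write-Host "External contacts that may receive TNEF: $($contacts.Count)"
$contacts | Format-Table DisplayName, ExternalEmailAddress,
    UseMapiRichTextFormat, UsePreferMessageFormat -AutoSize

# Remediation preview. -WhatIf only reports what would change;
# remove it once the lists above have been reviewed.
foreach ($d in $domains) {
    Set-RemoteDomain -Identity $d.Name -TNEFEnabled $false -WhatIf
}
foreach ($c in $contacts) {
    # Same two settings as the commands in the step above.
    Set-MailContact -Identity $c.DistinguishedName `
        -UseMapiRichTextFormat Never -UsePreferMessageFormat $true -WhatIf
}
```

Re-run the audit after applying the changes; both counts should be 0.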

FOR EXCHANGE 2007 AND EXCHANGE 2010

  1. In the Exchange Management Console, navigate to Organization Configuration > Hub Transport.
  2. Click Remote Domains.
  3. Edit the properties of the Default domain (and any other domain listed).
  4. In the Properties dialog box select Message Format.
  5. Set Exchange rich-text format: to Never Use.
  6. Click OK.