Personal Blog of Thomas Hampel - Creative Mythbusting in Development and Collaboration

Who am I?

Feeds

Archives

April 2025 (1)
January 2025 (1)
December 2024 (1)
November 2024 (2)
October 2024 (2)
September 2024 (1)
July 2024 (1)
May 2024 (2)
April 2024 (3)
March 2024 (1)
February 2024 (2)
January 2024 (5)
December 2023 (3)
November 2023 (2)
October 2023 (1)
September 2023 (4)
June 2023 (1)
April 2023 (3)
March 2023 (1)
February 2023 (1)
July 2022 (1)
September 2021 (1)
August 2021 (2)
May 2021 (1)
February 2021 (3)
January 2021 (1)
November 2020 (1)
October 2020 (2)
September 2020 (2)
March 2020 (1)
November 2019 (1)
August 2019 (1)
July 2019 (1)
March 2019 (1)
December 2018 (1)
November 2018 (1)
October 2018 (1)
September 2018 (1)
May 2018 (1)
January 2018 (1)
December 2017 (1)
November 2017 (1)
September 2017 (1)
March 2017 (2)
February 2017 (5)
November 2016 (1)
September 2016 (4)
April 2016 (1)
March 2016 (7)
January 2016 (1)
December 2015 (1)
November 2015 (3)
August 2015 (1)
July 2015 (2)
June 2015 (5)
May 2015 (5)
March 2015 (3)
February 2015 (2)
January 2015 (4)
December 2014 (3)
November 2014 (1)
September 2014 (4)
August 2014 (1)
May 2014 (4)
April 2014 (1)
March 2014 (2)
February 2014 (3)
January 2014 (2)
October 2013 (1)
September 2013 (1)
August 2013 (2)
July 2013 (2)
March 2013 (2)
February 2013 (4)
January 2013 (3)
December 2012 (2)
November 2012 (1)
October 2012 (2)
September 2012 (4)
August 2012 (3)
July 2012 (1)
June 2012 (6)
May 2012 (1)
February 2012 (2)
January 2012 (1)
December 2011 (4)
November 2011 (2)
September 2011 (1)
May 2011 (2)
March 2011 (1)
January 2011 (1)
November 2010 (5)
October 2010 (2)
September 2010 (2)
August 2010 (1)
July 2010 (3)
June 2010 (1)

Winmail.dat

Thomas Hampel
 29 December 2011

Every couple of years the same story...

Lotus Notes/Domino users reveive emails containing an attachment "winmail.dat" or "att00001.dat" which the Lotus Notes® client's is unable to open..
Examination of the document properties reveals that the message was sent as a Content-Type: application/ms-tnef; name="winmail.dat", which actually is a format only used by Microsoft® Exchange/Outlook

The problem itself is described in IBM Technote 1093342
http://www-01.ibm.com/support/docview.wss?rs=475&uid=swg21093342

but let me point out that this clearly is not problem caused by Lotus Domino, its the sender's fault which has configured its messaging system to send the email in a Microsoft specific TNEF format rather than using a common standard.
The Microsoft TNEF format is not at all a public standard like those documented within RFC's. Even Microsoft pointed out that the TNEF format isnt RFC compliant ( see Microsoft KBA #323483 )

According to IBM Technote 1093342 Domino administrators can enable a Notes.ini variable TNEFEnableConversion=1 on the server to improve situation, but this can only be a short term workaround because every time Microsoft decides to change the format of its TNEF file type, Domino wont be able to convert the data stored within. Furtheremore this file may contain specific content which Domino will never be able to convert properly such as voting buttons or custom forms.

A real solution is to fix the problem at the source, which is to remind the sender to turn off the sending of mails in TNEF format.
Microsoft published a knowledge base article http://support.microsoft.com/kb/241538 a few years ago which is suggests to turn off using the TNEF format either globally or per recipient.
Once again, this can only be done by the sender or actually the senders administrator, not by the recipient.

Please note:
If the sender is using Microsoft Exchange 2007, the format of "winmail.dat" has changed compared to earlier versions, so conversion will NOT work in some cases!!!
Since Microsoft is changing the format of the file winmail.dat whenever they want, the variable TNEFEnableConversion wont guarantuee to be working all the time - Domino server crashes will be the result.
This also is true for any upcomming changes in the file format.

To avoid misunderstandings :
  • TNEF Format is not based on common standards
  • Email clients other than MS Outlook can not handle TNEF, because TNEF may contain elements such as forms or voting buttons.
  • TNEF encoded raw binary independent of what is advertised by the receiving SMTP server. As documented in Microsoft KBA #323483, this technique is not RFC compliant.
  • Most Exchange Admins configure their servers correctly to NOT send TNEF encoded mails to recipients on the internet.
  • S/MIME signed emails will not be converted unless the Domino Administrator will force to break the digital signature by using the Notes.ini variable TNEFBreakSMIME=1

How to handle the problem:
  • Catch all mails with Content-Type: application/ms-tnef before they arrive the Domino server
    Return a message to the sender telling them that they should disable sending mails in TNEF format. Refer them to http://support.microsoft.com/KB/138053 for further instructions
  • Enable TNEFEnableConversion=1
    Why take this risk?? Simply because your users will be frustrated getting mails with "winmail.dat" attachments.
  • Do not use TNEFBreakSMIME=1
    Because security warnings where the client will get used to ignore are even worse
Comments [1]
Tagged with: Domino Exchange
Go ElsewhereSubscribe to RSSAboutStay ConnectedAnd More
Thomas Hampel, All rights reserved.