Winmail.dat
Thomas Hampel
29 December 2011Every couple of years the same story...
Lotus Notes/Domino users reveive emails containing an attachment "winmail.dat" or "att00001.dat" which the Lotus Notes® client's is unable to open..
Examination of the document properties reveals that the message was sent as a Content-Type: application/ms-tnef; name="winmail.dat", which actually is a format only used by Microsoft® Exchange/Outlook
The problem itself is described in IBM Technote 1093342
http://www-01.ibm.com/support/docview.wss?rs=475&uid=swg21093342
but let me point out that this clearly is not problem caused by Lotus Domino, its the sender's fault which has configured its messaging system to send the email in a Microsoft specific TNEF format rather than using a common standard.
The Microsoft TNEF format is not at all a public standard like those documented within RFC's. Even Microsoft pointed out that the TNEF format isnt RFC compliant ( see Microsoft KBA #323483 )
According to IBM Technote 1093342 Domino administrators can enable a Notes.ini variable TNEFEnableConversion=1 on the server to improve situation, but this can only be a short term workaround because every time Microsoft decides to change the format of its TNEF file type, Domino wont be able to convert the data stored within. Furtheremore this file may contain specific content which Domino will never be able to convert properly such as voting buttons or custom forms.
A real solution is to fix the problem at the source, which is to remind the sender to turn off the sending of mails in TNEF format.
Microsoft published a knowledge base article http://support.microsoft.com/kb/241538 a few years ago which is suggests to turn off using the TNEF format either globally or per recipient.
Once again, this can only be done by the sender or actually the senders administrator, not by the recipient.
Please note:
If the sender is using Microsoft Exchange 2007, the format of "winmail.dat" has changed compared to earlier versions, so conversion will NOT work in some cases!!!
Since Microsoft is changing the format of the file winmail.dat whenever they want, the variable TNEFEnableConversion wont guarantuee to be working all the time - Domino server crashes will be the result.
This also is true for any upcomming changes in the file format.
To avoid misunderstandings :
- TNEF Format is not based on common standards
- Email clients other than MS Outlook can not handle TNEF, because TNEF may contain elements such as forms or voting buttons.
- TNEF encoded raw binary independent of what is advertised by the receiving SMTP server. As documented in Microsoft KBA #323483, this technique is not RFC compliant.
- Most Exchange Admins configure their servers correctly to NOT send TNEF encoded mails to recipients on the internet.
- S/MIME signed emails will not be converted unless the Domino Administrator will force to break the digital signature by using the Notes.ini variable TNEFBreakSMIME=1
How to handle the problem:
- Catch all mails with Content-Type: application/ms-tnef before they arrive the Domino server
Return a message to the sender telling them that they should disable sending mails in TNEF format. Refer them to http://support.microsoft.com/KB/138053 for further instructions - Enable TNEFEnableConversion=1
Why take this risk?? Simply because your users will be frustrated getting mails with "winmail.dat" attachments. - Do not use TNEFBreakSMIME=1
Because security warnings where the client will get used to ignore are even worse
Comments
1.) Winmail.dat
MIke Queripel http:// 30/07/2012 13:51:15
Hi,
Thanks for this article, very informative.
I was wondering if you might know why some of our users still receive emails with .dat attacments despite having the tnefenableconversion=1 in the server's notes.ini file.
There is almost no information on this phenomenon and any light you might be able to shine on the subject would be greatly appreciated.
Thanks,
mrq