WatchGuard Support Center

Knowledge Base - Article

000012354
 Why do email attachments sent through the SMTP-proxy appear as Winmail.dat attachments?

Information
Why do email attachments sent through the SMTP-proxy appear as Winmail.dat attachments? 

When users of Microsoft Outlook send email in Rich Text format, email attachments sent through the SMTP-proxy can appear as winmail.dat attachments. Rich Text format email messagess are TNEF encoded. This encoding type stores all attachments and formatting information in a file named winmail.dat.

The SMTP-proxy on your Firebox strips some of the headers out of the email that identify it as a Rich Text formatted email. If the email client does not have the header information needed to interpret the winmail.dat attachment, the email client cannot display the proper formatting of the email, and incorrectly displays the attachment as a winmail.dat file.

To correct this issue, make these changes to the SMTP-proxy on the Firebox:

  1. Start Policy Manager for your Firebox.
  2. Double-click the SMTP-Proxy used for inbound email.
    Or, right-click the SMTP-proxy and select Modify Policy.
    The New/Edit Policy dialog box appears with the Policy tab selected.
  3. Adjacent to the Proxy action drop-down list, click View/Edit Proxy.
    The SMTP Proxy Action Configuration dialog box appears.
  4. From the Categories tree, select Headers.
  5. In the Pattern text box, type each of these patterns and click Add to add them to the Rules list.
    • X-MS-Has-Attach:*
    • X-MS-TNEF-Correlator:*
    • X-MimeOLE:*
  6. From the If matched drop-down list, select Allow.
  7. From the Categories tree, select Content Types.
  8. In the Pattern text box, type application/ms-tnef and click Add.
    The pattern appears in the Rules list.
  9. From the If matched drop-down list, select AV Scan.
    If the Firebox does not have a Gateway AV subscription, select Allow.
  10. From the Categories tree, select Filenames.
  11. In the Rules text box, select winmail.dat and click Remove.
    The winmail.dat pattern is removed from the Rules list.
  12. From the None matched drop-down list, select AV Scan.
    If the Firebox does not have a Gateway AV subscription, select Allow.

For more information about TNEF and Rich Text encoded email messages, see this Microsoft Knowledge Base article: http://support.microsoft.com/kb/290809.