I just migrated all of my Microsoft Exchange users from one windows 2003 active passive cluster, to 4 windows 2003 virtual exchange servers. Suddenly users started having a problem with microsoft office attachments, they were replaced with a winmail.dat file. To make a long story short, trendmicro scanmail was the root cause of the problem.
Here is the trendmicro support article I found that pointed to different symptoms than I had (it says a second email, in this case it was the only email and it always replaced office files with winmail.dat), however it was the fix for this issue as well. To quickly test to see if it was the issue i just disabled spam filtering in scanmail (we use postini so this is just an extra layer)
A second email with only a winmail.dat file attachment is received when sending an email through ScanMail for Exchange (SMEX) 8.0
Solution ID:
EN-1037111
Product:
ScanMail for Exchange - 8.0 2000/2003/2007
Operating System:
Windows Server 2003 - SP2; Windows Server 2003 R2; Windows Server 2003 Standard Edition; Windows 2000 Server - SP4
Published:
4/11/2008 12:49 AM
Problem:
The second email has the same subject of the original email and contains only a winmail.dat file attachment.
The header of this second email contains the following information:
Content-Type: application/ms-tnef;
name="winmail.dat"
:
:
X-TM-AS-Product-Ver: SMEX-8.0.0.1259-5.000.1023-15772.002
X-TM-AS-Result: No--36.821000-5.000000-31
X-TM-AS-User-Approved-Sender: No
X-TM-AS-User-Blocked-Sender: No
Solution:
Public
The abovementioned X-TM-AS headers imply that the ScanMail Anti Spam feature is also enabled on the Exchange Server.
This also means that the content type of the message is application/ms-tnef. Note, however, that the application/ms-tnef (winmail.dat) does not contain the actual message itself. It just contains either the embedded OLE objects, special Outlook features or formatting of the message if it was sent in Rich Text format. So, we can safely exclude this kind of message from Antispam scanning to avoid receiving this type of issue.
Perform the following steps on the affected ScanMail for Exchange 8.0 server to resolve this.
1.
Make sure that the latest patch for SMEX 8.0 is installed in your machine.
2.
Open the Registry Editor.
Important: Always back up the whole registry before making any modifications. Incorrect changes to the registry can cause serious system problems.
3.
Add the following key:
* Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion\
* Key: AntiSpamSkipScanning
* Type: REG_SZ
* Value: application/ms-tnef;
Note: Make sure to include the semi-colon ( ; ) at the end of the value.data.
4.
Restart the SMEX_Master service.
5.
Send another test emails and observe the system response.
These steps will configure ScanMail for Exchange 8.0 Antispam not to filter the application/ms-tnef content-type, thus preventing the issue.
Related Information:
•
Description of Transport Neutral Encapsulation Format (TNEF) in Outlook 2000
•
What is an "application/ms-tnef" attachment?
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment