Issue:
Attachments on emails get stripped and the notification text file reads as follows
Watchguard that protects your network has detected a message that may not be safe.
Cause : The file type may not be safe.
Content type : application/ms-tnef
File name : winmail.dat
Virus status : No information.
Action: The Firebox deleted winmail.dat.
Your network administrator can not restore this attachment.
As you can imagine affected users were quite pissed off about this and i don't blame them.
What is Winmail.dat
When users of Microsoft Outlook send email in Rich Text format, Rich Text format email messagess are TNEF encoded. This encoding type stores all attachments and formatting information in a file named winmail.dat.
Cause:
The SMTP-proxy on your XTM device strips some of the headers out of the email that identify it as a Rich Text formatted email. If the email client does not have the header information needed to interpret the winmail.dat attachment, the email client cannot display the proper formatting of the email, and incorrectly displays the attachment as a winmail.dat file.
Solution
Start Policy Manager for your XTM device.
Edit the SMTP proxy
Edit The SMTP Proxy Action
From the Categories tree, select Headers.
In the Pattern text box, type each of these patterns and click Add to add them to the Rules list.
- X-MS-Has-Attach:*
- X-MS-TNEF-Correlator:*
- X-MimeOLE:*
From the If matched drop-down list, select Allow.
From the Categories tree, select Content Types.
In the Pattern text box, type application/ms-tnef and click set the action to “allow” (This is important)
From the Categories tree, select Filenames.
In the Pattern text box, type winmail.dat and Set action to allow or AV scan.
Save configuration
Source - http://customers.watchguard.com/articles/Article/3250?retURL=%2Fapex%2FknowledgeHome&popup=false
