It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

How can I protect my Exchange server from TNEF attacks with the Email Security Gateway?

  • Type: Knowledgebase
  • Date changed: one year ago

Solution: #00004180

 

Scope:

This solution applies to all Email Security Gateways configured to work with Microsoft Exchange.

 

Answer:
Transport Neutral Encapsulation Format (TNEF) is an attachment encapsulation method used by Microsoft messaging products, including Exchange Server and Office Outlook. TNEF encoded attachments often contain functional elements or other executable components that might be activated as the message passes through a Microsoft messaging infrastructure.

 

Microsoft has identified and patched a defect in its messaging software that would allow an attacker to use specially crafted TNEF data to gain elevated privileges on an affected computer. (See URL below for more information from Microsoft)

 

Barracuda Networks recommends all customers using Microsoft messaging products to stay up-to-date with software patches.

 

However, it is also possible to configure the Email Security Gateway to block TNEF attacks by blocking attachments with the ?.dat? file extension. See Solution #00002993 for more information on file attachment blocking. Be advised that blocking such attachments might reduce functionality of messages originating from Microsoft messaging software.

 

http://www.microsoft.com/technet/security/Bulletin/MS09-003.mspx


Link to this page:

http://www.barracuda.com/kb?id=50160000000HmZI