We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

How can I protect my Exchange server from TNEF attacks with the Barracuda Spam Firewall?

  • Type: Knowledgebase
  • Date changed: 4 years ago

Solution: #00004180

 

Scope:

This solution applies to all Barracuda Spam Firewalls configured to work with Microsoft Exchange.

 

Answer:
Transport Neutral Encapsulation Format (TNEF) is an attachment encapsulation method used by Microsoft messaging products, including Exchange Server and Office Outlook. TNEF encoded attachments often contain functional elements or other executable components that might be activated as the message passes through a Microsoft messaging infrastructure.

 

Microsoft has identified and patched a defect in its messaging software that would allow an attacker to use specially crafted TNEF data to gain elevated privileges on an affected computer. (See URL below for more information from Microsoft)

 

Barracuda Networks recommends all customers using Microsoft messaging products to stay up-to-date with software patches.

 

However, it is also possible to configure the Barracuda Spam Firewall to block TNEF attacks by blocking attachments with the ‘.dat’ file extension. See Solution #00002993 for more information on file attachment blocking. Be advised that blocking such attachments might reduce functionality of messages originating from Microsoft messaging software.

 

http://www.microsoft.com/technet/security/Bulletin/MS09-003.mspx


Link to this page:

http://www.barracuda.com/kb?id=50160000000HmZI