Winmail.dat and Exceedinglyinfected
- Using Forefront antivirus for Exchange 2007 and have received alert that Forefront detected virus exceedinglyinfected in file winmail.dat. I don't find explanation of this in the documentation. Any clue's?
Thanks,
Ted
Answers
Hi,
Thank you for your post.
Before going any further, I want to know when does this issue occur? By default, Transport Scan Job scans Winmail.dat files for viruses. Exchange uses Winmail.dat files to send them between servers to facilitate replication. If Forefront Security for Exchange Server modifies any of these Winmail.dat files, the public folder replication process will fail. To avoid this from happening, you can set a new DWORD registry key named DoNotScanIPMReplicationMessages to 1, and the Transport Scan Job will not scan IPM replication messages.
Meanwhile, you may refer to this article: http://support.microsoft.com/kb/906002/en-us
Regards,
Regards,
Nick Gu - MSFT- Marked As Answer byNick Gu - MSFTMSFT, ModeratorTuesday, November 10, 2009 6:29 AM
All Replies
- You know, I had the same problem, but it was not very usual.justin some cases so I ignored it but just for the record, I had the same issue
sharepoint novice Hi,
Thank you for your post.
Before going any further, I want to know when does this issue occur? By default, Transport Scan Job scans Winmail.dat files for viruses. Exchange uses Winmail.dat files to send them between servers to facilitate replication. If Forefront Security for Exchange Server modifies any of these Winmail.dat files, the public folder replication process will fail. To avoid this from happening, you can set a new DWORD registry key named DoNotScanIPMReplicationMessages to 1, and the Transport Scan Job will not scan IPM replication messages.
Meanwhile, you may refer to this article: http://support.microsoft.com/kb/906002/en-us
Regards,
Regards,
Nick Gu - MSFT- Marked As Answer byNick Gu - MSFTMSFT, ModeratorTuesday, November 10, 2009 6:29 AM
