Po polsku

What is the winmail.dat attachment and MIME type application/ms-tnef

Sometimes an e-mail message includes an attachment named winmail.dat, its MIME type is application/ms-tnef. This strange attachment cannot be opened in any application. Users of Outlook Express may in turn receive a rather large message (judging for example by the amount of time it takes to download it) but it turns out to be short and include no attachment. A look at the message source confirms that there is in fact an attachment named as above. These attachments are a result of implementing by MS a private (vendor-specific), closed format of corporate mail called TNEF. Support for this format is limited to MS Outlook (but not Outlook Express!) and MS Exchange client, and should not leave the corporate network unless the recipient is explicitly known to use one of the software supporting it.

The attachment contains formatting information (equivalent of the HTML part in “normal” e-mails) and may be a wrapper for other attachments. For some unknown reason MS was not satisfied with MHTML and had to create its own solution, incompatible with any other software. While reading the plain text message rather than HTML is usually no problem (majority of users send their messages in HTML while applying absolutely no formatting), lack of access to attachments does present problems.

Security issues

Microsoft warns that in the winmail.dat attachment the path to the sender’s personal folders file (.pst) and logon name are embedded. These can be seen after opening the file in a hexadecimal editor. Another security issue is created when the recipient uses the online TNEF decoder. In order to use the online decoder the winmail.dat file must be transmitted to the remote server which in turn unpacks the file and makes all the files that were packed into it available to download. These files may be made available to others because of the server malfunction or they can be intercepted by a third party.

What can be done about it?

Sole responsibility for sending out this trash lies with users of MS Outlook who select incorrect format of outgoing message and/or MS Exchange Server administrators who allow unrestricted sending out of messages using TNEF format. You can inform the sender about his/her mistake (or wrong choice of format) and that the attachment sent using this format cannot be opened, and ask him/her to change Outlook settings, then to send the message once again. If the sender is in a corporate network, you may suggest that the sender contact the network administrator. More information about configuring both MS Outlook and MS Exchange Server can be found in MS Knowledge Base (see Links below). Judging by the number of articles about problems with TNEF it is a common problem.


  1. MS Knowledge Base:
    All articles are in English, versions translated into other languages like Spanish, French, German, Portugese, sometimes even Polish, Russian and Chinese may also be available.
  2. How to decode the winmail.dat: