Messages with bare carriage returns or bare line feeds can be parsed differently by different e-mail clients.

If your organization uses an e-mail client that interprets messages with bare carriage returns or bare line feeds differently than Microsoft Office Outlook and Microsoft Outlook Express, for maximum security, it is recommended that you enable the Fix bare carriage returns or line feeds in MIME headers setting in Global Settings - Advanced Options.

When you enable this setting, FPE corrects a discrepancy between the MIME header parsing method used by Microsoft Outlook® and Outlook Express, and the RFC 822 specification on how bare carriage return (CR) (0x0d) and bare line feed (LF) (0x0a) are handled in MIME headers. When enabled, bare carriage returns and bare line feeds are replaced by a CR-LF combination, in compliance with the RFC 2822 specification. By design, FPE parses messages in the same manner as Outlook and Outlook Express. If this setting is enabled, FPE alters these messages to be compliant with the RFC 2822 specification, and all e-mail clients parse the messages in the same manner.

To maximize system performance, this setting is disabled by default. When disabled, e-mail clients other than Outlook and Outlook Express may parse messages with bare carriage returns or bare line feeds differently than FPE. Because of this, malware could avoid detection. Therefore, if your e-mail client interprets messages with bare carriage returns or bare line feeds differently than Outlook and Outlook Express, you should enable the Fix bare carriage returns or line feeds in MIME headers setting.

To fix bare carriage returns or bare line feeds in MIME headers
  1. In the Forefront Protection 2010 for Exchange Server Administrator Console, click Policy Management, and under Global Settings, click Advanced Options.

  2. In the Global Settings - Advanced Options pane, under the Specialty File Type Settings section, select the Fix bare carriage returns or line feeds in MIME headers check box, and then click Save.