DOCUMENT:Q235607 30-SEP-1999 [exchange] TITLE :XADM: HTML in Subject Field Is Not Converted Properly PRODUCT :Microsoft Exchange PROD/VER:winnt:5.5 OPER/SYS: KEYWORDS:exc55 EXC55SP3Fix ====================================================================== ------------------------------------------------------------------------------- The information in this article applies to: - Microsoft Exchange Server, version 5.5 ------------------------------------------------------------------------------- SYMPTOMS ======== If you send a Hypertext Markup Language (HTML) message that contains special HTML characters in the Subject field, and then a rule is applied that forwards the message, the Subject field in the copy of the original message that is included in the forwarded message may not be displayed properly. The HTML characters may be displayed as HTML, instead of being displayed as text. Note that this problem occurs if the message is sent using the Simple Mail Transfer Protocol (SMTP) or sent using the Messaging Application Programming Interface (MAPI) with the HTML encapsulated as Rich Text Format (RTF). For example, if you send an HTML message that contains "<" in the Subject field, the Subject field in the copy of the original message contains the less than character (<) instead of "<". CAUSE ===== This problem occurs when the forwarded message contains the \fromhtml1 tag in the RTF header. When this tag exists, Exchange Server assumes that all HTML entities have already been encapsulated as RTF. Therefore, it does not convert the HTML characters from the Subject field of the original message (which were added to the original RTF when the message was forwarded) into entities, which causes the characters to be displayed incorrectly. RESOLUTION ========== To resolve this problem, obtain the latest service pack for Exchange Server version 5.5. For additional information, please see the following article in the Microsoft Knowledge Base: Q191014 XGEN: How to Obtain the Latest Exchange Server 5.5 Service Pack The English version of this fix should have the following file attributes or later: Component: Information Store +------------------------+ | File name | Version | +------------------------+ | Store.exe | 5.5.2637.0 | +------------------------+ STATUS ====== Microsoft has confirmed this to be a problem in Microsoft Exchange Server version 5.5. This problem was first corrected in Exchange Server 5.5 Service Pack 3. MORE INFORMATION ================ This behavior represents a potential security concern, because the security features enabled on most e-mail servers do not check the Subject field as closely as the rest of the message. If malicious HTML code in the Subject field of the original message is not detected, the code may be run after the original message is forwarded by a rule and the Subject field is included in the forwarded message. Additional query words: eml ====================================================================== Keywords : exc55 EXC55SP3Fix Technology : kbExchangeSearch kbExchange550 kbZNotKeyword2 Version : winnt:5.5 Issue type : kbbug Solution Type : kbfix ============================================================================= THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. Copyright Microsoft Corporation 1999.