Consider the following scenario:
You implement journaling in a Microsoft Exchange Server 2013 environment.
You create a journal rule to enable journaling for the email messages that are sent to a journal recipient. The rule sends journal reports to an external contact.
You enable journal report decryption so that an Information Rights Management (IRM)-protected message and a decrypted copy of the IRM-protected message are attached to the journal report.
An IRM-protected message is sent to the journal recipient. The journal report is created and sent to the external contact.
In this scenario, the external contact receives the journal report that contains the IRM-protected message and a Winmail.dat file. This prevents the recorded IRM-protected message from being returned in the search or the discovery results.
This problem occurs because the IRM-protected message is hardcoded to be converted to Transport Neutral Encapsulation Format (TNEF) when the server that is running Exchange Server decrypts the message.
To fix this issue, install Cumulative Update 14 for Exchange Server 2013 or a later cumulative update for Exchange Server 2013.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Learn about the terminology that Microsoft uses to describe software updates.