You Should Only Open Attachments From A Trusted Source Prompt

Posted on 2010-09-01
Last Modified: 2012-05-10
I have a problem where when our Terminal Server users open an attachment from Outlook, specifically, .doc; .docx; .rtf documents, they are given a prompt which says:
"You Should Only Open Attachments From A Trusted Source"
"Would you like to open the file or save it to your computer?".
"Open | Save | Cancel" (Please see my attached screen grab)
Now, the box is grayed out because it's a locked down environment. The manual fix for this environment is to remove the group policies, login as the user, try open file types it's a problem for, UN-tick the box, click open, log off, and add the group policies back.
However, does anyone know of a way to change this through group policies, registry or some sort of script?
I've spent time searching the internet and can only find articles on how to apply the manual fix. I've looked at nearly ever entry in the registry and even tried process monitor to narrow it down.
Any help you can give is greatly appreciated~
Question by:Zelxos
  • 2
  • 2
LVL 17

Assisted Solution

Spike99 earned 250 total points
ID: 33580829
I've seen this before.

That option is grayed out for users because only administrators can change the behavior on a terminal server.  Here's how we fixed this for our terminal server users on Windows 2003:
1.  Log on to the server as a user with Administratrive rights
2.  Open Folder Options from the Control Panel
3.  Click on the File Types tab
4.  Scroll down to the file type and click on it to highlight it
5. Click on the Advanced Button
6.  Un-check the option "Confirm open after download"

Do the same for all effected file types.

In our case, we had to do this for all the Office 2007 file types like XLSX, DOCX, etc.  The settings for Office 2003 & earlier file types were OK (xls, doc, ppt, etc.).

I attached a screenshot of the dialog.  In this shot the option is checked, I would just need to uncheck it to no longer be prompted about these files.

I hope this helps,

LVL 11

Assisted Solution

marek1712 earned 250 total points
ID: 33582171
There are another methods:
- check trusted file types in the Outlook itself:
You can use startup script to apply this registry fix.
- or you can modify the Attachment Manager settings:
change the default zone to Low Risk and add required file types to the Low Risk extensions.

Author Comment

ID: 33585603
Thank you both for your replies. I'll try these out and let you know if they work. Thanks again!
LVL 17

Expert Comment

ID: 33587116
marek1712's links would help if your attachments were being blocked by Outlook, but it doesn't look like that's the problem.  Users are just getting prompted before they can open attachments.

I don't know if there's a script or other method to use other than the one I described.  Unfortunately the TS cluster we had to do this on had over 30 servers in it and we had to repeat these steps for multiple file types on all 30.  So, it was a bit tedious, but it worked fine for us.  The users haven't complained about it since then (and that was about 8 months ago).


Accepted Solution

Zelxos earned 0 total points
ID: 33590419
Hi Alicia & Marek,
Thanks to both of  you for your replies. I should of mentioned this is a 2008 TS cluster and in 2008 the File Types tab is not there. Although I wasn't able to carry out either of your solutions with success I have found a solution.
I used Process Monitor ( on an Admin account and monitored from the time I opened an affected file type up to just after UN-ticking the box and clicking Open.
I filtered the 4000 results to only show operations that were "RegCreateKey" or "RegSetValue". Near the top of the list I had these results [see Process Monitor Results image].
As you can see, it first had the EditFlags value set to 00 00 00 00 and then changed it to 00 00 01 00. This is the value that gets changed so that Outlook doesn't prompt before opening the file attachment and after a bit more tinkering I figured out two ways to apply this information.

The Solution:
1. This changes it for the computer.
Create a REG_Binary registry entry under the following location for each file type/extension you want to change this for - this example is for ".docx" files:
ValueName: EditFlags
Type: REG_Binary
Value: 00 00 01 00
(changing the value to 00 00 00 00 will cause Outlook to prompt)
Word.Document.12 = .docx
Word.Document.8 = .doc
Word.RTF.8 = .rtf
Excel.Sheet.12 = .xlsx
Excel.Sheet.8 = .xls

So just replace Word.document.12 with whatever is your file type. It's not too hard to figure out which entry controls which file type/extension.

2. This changes it for the user.
Create a REG_Binary registry entry under the following location for each file extension - this example is for ".xlsx" files.
ValueName: EditFlags
Type: REG_Binary
Value: 00 00 01 00

Either of these can be applied manually, through a startup/login script, or through Group Policy preferences (which is how I've applied this).

I hope this helps someone who has this problem.

Thanks again to Alicia and Marek for your replies, I appreciate it!

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Outlook Free & Paid Tools
MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
This video shows where to find the word count, how to display it, and what it breaks down to in Microsoft Word.
CodeTwo Sync for iCloud ( automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question