Windows Server Summit 2024
Mar 26 2024 08:00 AM - Mar 28 2024 04:30 PM (PDT)
Microsoft Tech Community
The beginning of the end of Remote Mailslots as part of Windows Insider
Published Mar 08 2023 03:12 PM 12.4K Views
Microsoft

Heya folks, Ned here again. With the release of Windows 11 Insider Preview Build 25314 and Windows Server Preview Build 25314, we have started disabling the Remote Mailslot protocol by default. This is a precursor to deprecation and eventual removal from Windows. You aren't using this extremely legacy protocol unless you're also using the deprecated and disabled-by-default SMB1 protocol, so 99.97% of you have nothing to worry about. For those who are, a bit more information:

 

Remote Mailslots

The Remote Mailslot protocol is a very old, simple, unreliable, insecure IPC method. A server creates a mailslot and a client writes messages to it using NetBIOS datagrams as a transport when operating over a network with Windows. The sender of the mailslot message formats the SMB_COM_TRANSACTION message and sends it as a NetBIOS datagram. The Proto-SMB1 Common Internet File System (CIFS) Browser Protocol uses "\MAILSLOT\LANMAN" and "\MAILSLOT\BROWSE", for instance.

 

Mailslots are older than Windows NT, dating back to LAN Manager DOS days. It goes without saying that this protocol is disgusting. If you've been an IT Pro for a few decades, you might recall people using the anonymous NET SEND command (MAILSLOT\Messngr) to broadcast important messages to all logged on users, or more likely, this kind of crap:

 

R.png

 

What changed 

Starting with Windows 11 Insider Preview Build 25314remote mailslot is disabled by default. If you have manually re-enabled SMB1 (which has been disabled by default since Windows 10) and some application is still using a Remote Mailslot, they will see one of the following errors:

 

3025

ERROR_REMOTE_MAILSLOTS_DEPRECATED

“The requested operation failed. Remote mailslots have been deprecated.”

 

Contact your vendor about updating their software to join the 21st century, as it both requires SMB1 and Remote Mailslot. This protocol is not secure, was replaced decades ago by better technology, and should not be used under any circumstances. 

 

If you need to re-enable Remote Mailslots temporarily while you yell at your vendor or developer, use the following PowerShell command:

 

PS C:\> Set-SmbClientConfiguration -EnableMailslots $true

 

Remote Mailslots will get officially deprecated in the next release of Windows and Windows Server, meaning that it can eventually be removed altogether. That will take time and there will be plenty of public warning, just like SMB1 had.

 

Final notes

This is part of a campaign to improve the security of Windows and Windows Server for the modern landscape. You've read my posts on SMB security changes over the past year:

 

 

For more information on securing SMB on Windows in-market, check out:

 

 

Until next time, 

 

- Ned Pyle

1 Comment
Co-Authors
Version history
Last update:
‎Jan 29 2024 01:06 PM
Updated by: