Windows Messenger

This section provides information about the following:

  • The benefits of Windows Messenger

  • How Windows Messenger communicates with sites on the Internet

  • How to control Windows Messenger to limit or prevent the flow of information to and from the Internet

    Note The version of Windows Messenger that comes with Windows XP with SP1 is version 4.7. If you plan to use Windows Messenger in your organization, we recommend that you deploy server infrastructure that is appropriate to your situation. For more information, see “Instant Messaging (IM) Clients for Exchange 2000 Instant Messaging Service” on the Microsoft Web site at:

On This Page

Benefits and Purposes of Windows Messenger
Overview: Using Windows Messenger in a Managed Environment
How Windows Messenger Communicates with Sites on the Internet
Controlling Windows Messenger to Limit or Prevent the Flow of Information to and from the Internet
Procedures for Windows Messenger

Benefits and Purposes of Windows Messenger

Windows Messenger enables users to communicate instantly and to collaborate with their selected contacts. Windows Messenger version 4.7 in Microsoft Windows XP Professional with Service Pack 1 (SP1) offers not only instant messaging, but also voice and video communications, application sharing, whiteboard, file transfer, and remote assistance.

Overview: Using Windows Messenger in a Managed Environment

Windows Messenger clients initiate communication between one another through server infrastructure that provides for client registration, configuration, and presence (the online status of a user’s contacts). This server infrastructure also acts as a broker in client-to-client communication. In an Internet environment, the server infrastructure used by Windows Messenger is .NET Passport. In a managed environment, you can provide the needed server infrastructure with either of two products, Exchange 2000 Instant Messaging Service or Microsoft Live Communications Server 2003. The following list describes these services:

  • .NET Messenger Service (Internet environment): This service enables users who have a Microsoft .NET Passport account to communicate with Windows Messenger across the Internet.

  • Live Communications Server 2003 (managed environment): This product provides support for instant messaging, presence awareness, and an extensible platform that connects people, information, and business processes. Encryption is one of the features included in this product. With Live Communications Server 2003, you must use Windows Messenger 5.0 on clients. The server operating systems that support Live Communications Server 2003 are Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; and Windows Server 2003, Datacenter Edition.

    For more information, see the Live Communications Server Web site at:

  • Exchange 2000 Instant Messaging service (managed environment): This service is a component of Exchange 2000 Server that uses Microsoft Active Directory directory service to provide additional security and identity controls critical to enterprise customers. We recommend that you use Windows Messenger 5.0 on clients when using Exchange 2000 Instant Messaging service. The server operating system that supports Exchange 2000 Server is Windows 2000 Server.

    For more information, see “Instant Messaging (IM) Clients for Exchange 2000 Instant Messaging Service” on the Microsoft Web site at:

How Windows Messenger Communicates with Sites on the Internet

This section describes various aspects of the data that is sent to and from the Internet through Windows Messenger and how the exchange of information takes place.

  • Specific information sent or received:

    • Information sent or received when the .NET Messenger Service is used: For a description of the information that Microsoft requests when users sign up for the .NET Messenger Service, and about hardware and software information collected automatically by the .NET Messenger Service, see the .NET Messenger Service Statement of Privacy at:

    • Information sent or received by Windows Messenger: Windows Messenger also sends less obvious information when communicating with a server that supports it:

      Change in presence status
      Typing indicator traffic during a conversation
      Network Address Translation (NAT) traversal traffic to echo the server for the PC to Phone feature
      UPnP NAT traversal traffic

  • Default: The default is to enable open communication between internal and external networks.

  • Trigger and user notification: Windows Messenger is triggered when the user starts it by any of various methods—for example, by double-clicking the icon in the task bar or clicking Start/All Programs/Windows Messenger. The user interface provides options and prompts that notify the user of available actions.

  • Logging: No logging takes place on the client.

  • Encryption: There is no encryption of information with Windows Messenger 4.7, with the exception of the logon process, which is encrypted. Any information is sent in plaintext format and is therefore open to viewing by anyone.

  • Privacy for the .NET Messenger Service: You can view the privacy statement for the .NET Messenger Service at:

  • Port:

    • Audio and video. When an audio/video (A/V) session is being negotiated, dynamic ports are chosen for the audio/video stream. Dynamic ports are used to enable the application to work regardless of which other applications are running on the system and using port resources. The actual Real-time Transport Protocol (RTP) streams are sent using dynamically allocated User Datagram Protocol (UDP) ports in the range of 5004 through 65535. Without a way to open these UDP ports on any firewall in the path dynamically, the streams will fail to reach their destination.

    • Application sharing and whiteboard. Since a specific port is used for the Transmission Control Protocol (TCP) data connection (1503), if the client is behind a NAT device, the port must be mapped to that client.

    • Instant messaging. To initiate instant messaging, the Windows Messenger client uses outgoing TCP connections on port 1863.

    • File transfer: For file transfer, the Windows Messenger client uses ports in the range 6891 through 6900. If all of these ports are available for use, each sender can carry out up to 10 simultaneous file transfers. If port 6891 is the only port available, users will be able to do only one file transfer at a time.

  • Transmission protocol:

    • Presence and instant messaging: The protocol used for presence and for initialization and communication on the instant messaging session depends on the server or service being used.

    • Voice and video. Voice and video calls require more than a server-mediated session. A peer-to-peer session is needed to avoid creating congestion on the server. In this case, the servers and services are used to initiate the session setup and media type negotiation using Session Initiation Protocol (SIP) and Session Description Protocol (SDP). The Real-time Transport Protocol (RTP) is used over UDP for the actual voice or video streams.

    • Application sharing and whiteboard. Application sharing and whiteboard, modes of communication and collaboration in Windows Messenger, start out the same as a voice or video session. The Rendezvous service is used to exchange the initial invitations, followed by a SIP invitation and acknowledgment in which the session information is exchanged. When voice and video are compared with application sharing and whiteboard, the differences are as follows:

    • For application sharing and whiteboard, the actual media exchange is done using T.120 over a TCP connection as opposed to UDP. (T.120 is a set of International Telecommunications Union specifications for multipoint data communications services within computer applications.) This connection may be initiated by the one being called, as are many Windows Messenger calls.

    • For application sharing and whiteboard, the port used for the TCP connection is set at port 1503 on the called station.

    • File transfer. A file transfer session, used when the client requests to send a file to a peer, is initiated similarly to voice, video, application sharing, and whiteboard, but without the SIP invitation and acceptance exchange. Once the session is configured through the server, file transfer is accomplished using a TCP connection between the peers over a fixed range of ports.

    • Remote assistance. Remote assistance uses Remote Desktop Protocol (RDP)—the same protocol used by Microsoft Terminal Services. RDP is used over TCP/IP. Windows Messenger sets up the remote assistance session using the server-based session invitation logic. This is similar to file transfer. The additional SIP invitation signaling is only added if a voice session is added in support of remote assistance.

  • Ability to disable: Windows Messenger can be disabled through Group Policy. The procedures for this method are provided later in this section.

Controlling Windows Messenger to Limit or Prevent the Flow of Information to and from the Internet

Windows Messenger can be controlled in a variety of ways, including:

  • Group Policy

  • Through Set Program Access and Defaults, which is available from the Start menu. With Set Program Access and Defaults, you can remove visible entry points to Windows Messenger from the Start menu, desktop, and other locations.

The recommended method for a managed environment is through the use of Group Policy. The procedures for these methods are given in the next subsection.

For more information, see the white paper, “Windows Messenger in Windows XP: Working With Firewalls and Network Address Translation Devices” on the Microsoft TechNet Web site at:

Procedures for Windows Messenger

The following subsections provide information about the following:

  • Preventing Windows Messenger from running on a computer running Windows XP

  • Turning off the Windows Messenger Customer Experience Program

  • Removing visible entry points to Windows Messenger on a computer running Windows XP with SP1

  • Removing visible entry points to Windows Messenger during unattended installation of Windows XP with SP1 by using an answer file

To Prevent Windows Messenger from Running by Using Group Policy

  1. As needed, see Appendix B, "Learning About Group Policy and Updating Administrative Templates," and then edit an appropriate GPO.

  2. Click Computer Configuration, click Administrative Templates, click Windows Components, and then click Windows Messenger.

  3. In the details pane, double-click Do not allow Windows Messenger to be run, and then click Enabled.

    Note This method also prevents applications that use the Windows Messenger application programming interfaces (APIs) from using Windows Messenger. Outlook 2002, Outlook Express 6, and the Remote Assistance feature in Windows XP are examples of programs that use these APIs and that depend on Windows Messenger.

To Remove Visible Entry Points to Windows Messenger on a Computer Running Windows XP with SP1

  1. Click Start and then click Set Program Access and Defaults.

  2. Click the Custom button.

    Note Alternatively, you can click the Non-Microsoft button, which will not only remove visible entry points to Windows Messenger, but also to Internet Explorer, Outlook Express, and Windows Media Player. If you do this, skip the remaining steps of this procedure.

  3. To disable access to Windows Messenger on this computer, to the right of Windows Messenger, clear the check box for Enable access to this program.

  4. If you want a different default instant messaging program to be available to users of this computer, select the instant messaging program from the options available.

    Note For the last step, if your program does not appear by name, contact the vendor of that program for information about how to configure it as the default. Also, for related information about registry entries that are used to designate that a program is a browser, e-mail, media playback, or instant messaging program, see “Registering Programs with Client Types” on the MSDN Web site at:

For more information about Set Program Access and Defaults, see article, “How to Use the Set Program Access and Defaults Feature in Windows XP Service Pack 1” in the Microsoft Knowledge Base at:

To Remove Visible Entry Points to Windows Messenger During Unattended Installation by Using an Answer File

  1. Using the methods you prefer for unattended installation or remote installation, create an answer file. For more information about unattended and remote installation, see Appendix A, "Resources for Learning About Automated Installation and Deployment."

  2. In the [Components] section of the answer file, include the following entry:

    WMAccess = Off

For complete details about how the WMAccess entry works, see the resources listed in Appendix A, "Resources for Learning About Automated Installation and Deployment." Be sure to review the information in the Deploy.chm file (whose location is provided in that appendix).