Why do we set "use RTF" to never in Exchange Online?

Some customers ask why our configuration requires the Rich Text Format (RTF) to be disabled.

Microsoft Recommends using HTML rather that RTF

Rich Text Format (RTF) is a legacy proprietary email format that Microsoft created before HTML emails were popular. The short answer on why we recommend disabling it is that Microsoft recommends it. Please see this article:

"You can use RTF when you send messages inside an organization that uses Microsoft Exchange, but we recommend that you use the HTML format."

https://support.office.com/en-us/article/change-the-message-format-to-html-rich-text-format-or-plain-text-338a389d-11da-47fe-b693-cf41f792fefa

Outlook Web Access (OWA) can not send in RTF

Microsoft has decided to not even support sending email from OWA in RTF. OWA is however able to read RTF, but this is just for legacy support. Please see the link below.

OWA Can read messages formatted in RTF, but can't format or send this format

https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/message-format-and-transmission

Added security benefit

While your systems may already be up to date with the latest Microsoft patches, the RTF format opens up potential vectors for attack. We believe that over time, the RTF format will be phased out. Here is an example security alert related to RTF within Outlook:

"Microsoft Outlook retrieves remote OLE content without prompting"

https://www.kb.cert.org/vuls/id/974272