Security issue

  • Thread starter Thread starter Guillaume Genest
  • Start date Start date
G

Guillaume Genest

We use a third party software to send financial report
throught outlook XP client.

I want to disable these warnings saying that:
"a program is trying to access the address book from
Outlook, is that ok?"
and this one:
"a program is trying to send e-mail automaticly using
your name, do you want to continue".

I want to disable this message, take notes that this
client isn't using an Exchange server, this is a client
connect to SNTP and POP3 on internet. is there any way to
do that? (All what i found on microsoft website is if you
have an exchange server).

thanks!
 
Short answer: Not without rewriting the program.

Long answer: The security dialogs that pop up when an application tries to
access certain Outlook properties and methods are designed to inhibit the
spread of viruses via Outlook; see
http://www.slipstick.com/outlook/esecup.htm#autosec. They cannot be simply
turned on or off with a user option or registry setting.

However, Outlook 2003 does not show security prompts on three specific types
of applications:

-- VBScript code in published, non-oneoff Outlook forms

-- Outlook VBA code that uses the intrinsic Application object

-- Outlook COM add-ins properly constructed to derive all objects from
the Application object passed by the OnConnection event

In earlier versions of Outlook, standalone users can use a free tool called
Express ClickYes (http://www.express-soft.com/mailmate/clickyes.html) to
click the security dialog buttons automatically. Beware that this means if a
virus tries to send mail using Outlook or gain access to your address book,
it will succeed.

If it's an application you wrote yourself and either your application needs
to support versions besides Outlook 2003 or your application runs extenal to
Outlook, you have these options for modifying your program to avoid the
security prompts (roughly in order of preference):

-- Use Extended MAPI (see http://www.slipstick.com/dev/mapi.htm) and C++
or Delphi; this is the most secure method and the only one that Microsoft
recommends. However, it applies only to COM add-ins and external programs;
you cannot use Extended MAPI in Outlook forms or VBA.

-- Use Redemption (http://www.dimastr.com/redemption/), a third-party
COM library that wraps around Extended MAPI but parallels the Outlook Object
Model, providing many methods that the Outlook model does not support

-- Use SendKeys to "click" the buttons on the security dialogs that your
application may trigger. See
http://www.slipstick.com/outlook/esecup.htm#autosec for a link to sample
code.

-- Program the free Express ClickYes
(http://www.express-soft.com/mailmate/clickyes.html) tool to start suspended
and turn it on only when your program needs to have the buttons clicked
automatically.

--
Sue Mosher, Outlook MVP
Author of
Microsoft Outlook Programming - Jumpstart for
Administrators, Power Users, and Developers
 
Back
Top