Security Warning on E-Mails from Access DB Nuisance.

  • Thread starter Thread starter Peter Bray
  • Start date Start date
P

Peter Bray

An access 97 database we use extensively routinely sends
e-mails to people who have been allocated actions or who
have overdue matters etc. Under Windows NT and 2000 this
happened seemlessly without interfering with the
interactive session of the user currently interacting
with the database. Under XP, or at least XP with a
security patch implemented, the user is continually
disturbed with a timed dialog warning that a program is
trying to send an email. It does not even remember
consent given in the current session, let alone allow the
user to deem that application as trusted or safe to send
such e-mails. Can anyone help, as this threatens to turn
a productive application into a pain in the neck! Is this
the right forum to post this question in?
 
Yes, this is the right forum. The security dialogs that pop up when an
application tries to access certain Outlook properties and methods are
designed to inhibit the spread of viruses via Outlook; see
http://www.slipstick.com/outlook/esecup.htm#autosec. They cannot be simply
turned on or off with a user option or registry setting.

However, Outlook 2003 does not show security prompts on three specific types
of applications:

-- VBScript code in published, non-oneoff Outlook forms

-- Outlook VBA code that uses the intrinsic Application object

-- Outlook COM add-ins properly constructed to derive all objects from
the Application object passed by the OnConnection event

In earlier versions of Outlook, standalone users can use a free tool called
Express ClickYes (http://www.express-soft.com/mailmate/clickyes.html) to
click the security dialog buttons automatically. Beware that this means if a
virus tries to send mail using Outlook or gain access to your address book,
it will succeed.

If you're the administrator in an Exchange Server environment, you can
reduce the impact of the security prompts with administrative tools. See
http://www.slipstick.com/outlook/esecup/admin.htm

If it's an application you wrote yourself and either your application needs
to support versions besides Outlook 2003 or your application runs extenal to
Outlook, you have these options for modifying your program to avoid the
security prompts (roughly in order of preference):

-- Use Extended MAPI (see http://www.slipstick.com/dev/mapi.htm) and C++
or Delphi; this is the most secure method and the only one that Microsoft
recommends. However, it applies only to COM add-ins and external programs;
you cannot use Extended MAPI in Outlook forms or VBA.

-- Use Redemption (http://www.dimastr.com/redemption/), a third-party
COM library that wraps around Extended MAPI but parallels the Outlook Object
Model, providing many methods that the Outlook model does not support

-- Use SendKeys to "click" the buttons on the security dialogs that your
application may trigger. See
http://www.slipstick.com/outlook/esecup.htm#autosec for a link to sample
code.

-- Program the free Express ClickYes
(http://www.express-soft.com/mailmate/clickyes.html) tool to start suspended
and turn it on only when your program needs to have the buttons clicked
automatically.

--
Sue Mosher, Outlook MVP
Author of
Microsoft Outlook Programming - Jumpstart for
Administrators, Power Users, and Developers
 
Back
Top