Suppressing Outlook Security Popups

[Amit Basu]

I am using Outlook 2000 and Exchange 5.5. I get the Security popups when
I manipulate several properties of MailItem objects programatically,
e.g., To, Cc etc. Same when I try to send a mail programatically.

Sue, I saw an article written by you about this and how using Redemption
will get rid of the problem. You've also mentioned there's a way to do
this from the Exchange Server itself.

Here's a line from your article. "If you connect to Exchange Server, the
administrator can implement central security settings that allow
programmatic access to certain features, thereby preventing the
prompts".

Can you please point me to some documentation on how to do this? Again,
I am using Exchange 5.5. I am hoping this version of Exchange has this
ability.

I would prefer to avoid using Redemption as I have a lot of macros and
forms in Outlook. If I understand right, I'll have to use the
Redemption's extended MAPI object model in all those existing macros to
suppress the popups.

Thanks a lot.

Amit.

 

[Sue Mosher [MVP-Outlook]]

http://www.slipstick.com/outlook/esecup/admin.htm

Unless you're writing code solely for use in your organization where you can
control the Exchange server, Redemption is a better choice and very easy to
implement since it closely follows the Outlook model.

 

[Amit Basu]

Hi Sue,

Thanks for your reply. I spoke to MS support about this and they said it
is not a good idea to perform this Exchange Server setting as it reduces
the security level. So I ended up getting Redemption. I have two
questions:

1. Is it really true that changing the setting on the Exchange Server
actually reduces the security level? I am developing something for my
irganization only and our Exchange Server is in my control.

2. If I customize the Redemption DLL by assigning a different name to
the DLL and the Objects, does that make Redemption totally safe from
malicious uses?

Thank you.

Amit

From: Sue Mosher [MVP-Outlook]
Date Posted: 2/19/2004 12:17:00 PM



http://www.slipstick.com/outlook/esecup/admin.htm

Unless you're writing code solely for use in your organization where you
can
control the Exchange server, Redemption is a better choice and very easy
to
implement since it closely follows the Outlook model.

 

[Sue Mosher [MVP-Outlook]]

1) Yes, since it suppresses the security prompt for *all* attempts to access
address book properties or send actions, not just for the attempts by your
application.

2) To be perfectly safe, you also need to use the AuthKey property. See
http://www.dimastr.com/redemption/security.htm

 

[Ken Slovak - [MVP - Outlook]]

PMFJI, but don't set AuthKey unless you customize the names and
CLSID's for Redemption. Otherwise you could lock Redemption for any
other app that uses it and doesn't rename things. In the same way, if
you don't customize and someone else uses AuthKey and their code runs
before yours you will be locked out of Redemption.

 

[Sue Mosher [MVP-Outlook]]

Exactly. I always use a customized version of Redemption *and* AuthKey
together. I feel very secure with that approach.

--
Sue Mosher, Outlook MVP
Author of
Microsoft Outlook Programming - Jumpstart for
Administrators, Power Users, and Developers