[AccessD] Processing Digitally Signed Outlook Email Messages With VBA

Wayne Warren-Angelucci wayne.warren at adelphia.net
Wed Oct 4 15:00:46 CDT 2006 

AccessD List:

I am using Outlook automation to process and read email.  Everything is working great until code encounters a 'digitally signed' email, then code gets a runtime error (and the error number appears to be different each time !!)

I'm using the following (standard) code to process email:

    Set mOLApp = CreateObject("Outlook.Application")
    Set mOLNamespace = mOLApp.GetNamespace("MAPI")
    Set mOLMACInboxFolder = mOLInboxFolder.Folders("MAC Inbox")

    For ItemIndex = mOLMACInboxFolder.Items.Count To 1 Step -1
        If Not (mOLMACInboxFolder.Items(ItemIndex).MessageClass = "IPM.Note" Or  _
            mOLMACInboxFolder.Items (ItemIndex).MessageClass = "IPM.Note.SMIME.MultipartSigned") _
            Then GoTo SKIP_EMAIL ' Skip Inbox Items That Are Not Emails
            
        Set mOLMailItem = mOLMACInboxFolder.Items(ItemIndex)
        
        EmailSubject = mOLMailItem.Subject
        EmailBodyContents = mOLMailItem.Body
        
        ....... processing code here ......

SKIP_EMAIL:
        Next ItemIndex


When the item is a digitally signed email, I can 'read' the mail item subject (red line, above), but not the mail item body (blue line).

I did some research and found the following on the Microsoft website:
Improvements to Outlook Object Model Guard and the Impact
Office Outlook   2003 inherits the Outlook 2002 object model guard behavior and, in addition, blocks code that attempts to access the Body and HTMLBody properties of various Outlook items. This allows users to verify that the program or add-in accessing the Body and HTMLBody properties of these items is trustworthy, before they allow access to the contents of the items. Although this change forces the display of security warnings in existing COM add-ins that access the Body or HTMLBody properties of items, this will help prevent malicious code from running unknown to the user. 

You can avoid the display of security warnings by deriving all objects, properties, and methods from the Application object passed to the OnConnection procedure of the add-in. Office Outlook   2003 trusts only the Application object passed to the OnConnection procedure of the add-in. If you create a new Application object -- for example, by using the CreateObject method -- that object and any of its subordinate objects, properties, and methods will not be trusted and the blocked properties and methods will raise security warnings.



however, I don't understand their reference to COM Add-inn or OnConnection procedure.  Have any of you encountered a similar problem reading a digitally signed email and what solution have you come up with?  Thanks,

-- Wayne Warren
Software Solutions
wayne.warren at adelphia.net

More information about the AccessD mailing list