[AccessD] Processing Digitally Signed Outlook Email Messages With VBA

MartyConnelly martyconnelly at shaw.ca
Wed Oct 4 16:17:05 CDT 2006 

I don't think you can read the body of digitally signed
email as it defeats security purpose, so you might have to skip around
Because Outlook decrypts encrypted messages when they are displayed to make
them look like the normal IPM.

http://support.microsoft.com/?kbid=194623

Unsigned and Unencrypted: IPM.Note
So you might hake to skip around these

• Signed and Unencrypted: IPM.NOTE.SECURE.SIGN
• Unsigned and Encrypted: IPM.NOTE.SECURE
• Signed and Encrypted: IPM.NOTE.SECURE
On the other hand, if you use Secure - Multipurpose Internet Mail 
Extensions (SMIME)
from Microsoft Outlook Express to send a signed message, the class will 
be IPM.Note.SMIME.MultipartSigned.


Wayne Warren-Angelucci wrote:

>AccessD List:
>
>I am using Outlook automation to process and read email.  Everything is working great until code encounters a 'digitally signed' email, then code gets a runtime error (and the error number appears to be different each time !!)
>
>I'm using the following (standard) code to process email:
>
>    Set mOLApp = CreateObject("Outlook.Application")
>    Set mOLNamespace = mOLApp.GetNamespace("MAPI")
>    Set mOLMACInboxFolder = mOLInboxFolder.Folders("MAC Inbox")
>
>    For ItemIndex = mOLMACInboxFolder.Items.Count To 1 Step -1
>        If Not (mOLMACInboxFolder.Items(ItemIndex).MessageClass = "IPM.Note" Or  _
>            mOLMACInboxFolder.Items (ItemIndex).MessageClass = "IPM.Note.SMIME.MultipartSigned") _
>            Then GoTo SKIP_EMAIL ' Skip Inbox Items That Are Not Emails
>            
>        Set mOLMailItem = mOLMACInboxFolder.Items(ItemIndex)
>        
>        EmailSubject = mOLMailItem.Subject
>        EmailBodyContents = mOLMailItem.Body
>        
>        ....... processing code here ......
>
>SKIP_EMAIL:
>        Next ItemIndex
>
>
>When the item is a digitally signed email, I can 'read' the mail item subject (red line, above), but not the mail item body (blue line).
>
>I did some research and found the following on the Microsoft website:
>Improvements to Outlook Object Model Guard and the Impact
>Office Outlook   2003 inherits the Outlook 2002 object model guard behavior and, in addition, blocks code that attempts to access the Body and HTMLBody properties of various Outlook items. This allows users to verify that the program or add-in accessing the Body and HTMLBody properties of these items is trustworthy, before they allow access to the contents of the items. Although this change forces the display of security warnings in existing COM add-ins that access the Body or HTMLBody properties of items, this will help prevent malicious code from running unknown to the user. 
>
>You can avoid the display of security warnings by deriving all objects, properties, and methods from the Application object passed to the OnConnection procedure of the add-in. Office Outlook   2003 trusts only the Application object passed to the OnConnection procedure of the add-in. If you create a new Application object -- for example, by using the CreateObject method -- that object and any of its subordinate objects, properties, and methods will not be trusted and the blocked properties and methods will raise security warnings.
>
>
>
>however, I don't understand their reference to COM Add-inn or OnConnection procedure.  Have any of you encountered a similar problem reading a digitally signed email and what solution have you come up with?  Thanks,
>
>-- Wayne Warren
>Software Solutions
>wayne.warren at adelphia.net
>  
>

-- 
Marty Connelly
Victoria, B.C.
Canada

More information about the AccessD mailing list