SUMMARY
This article provides information for developers, solution providers, and independent software vendors (ISVs) about the Outlook 98 Collaboration Data Objects (CDO) E-mail Security Update that was released on September 20, 2000.
The CDO E-mail Security Update provides a higher level of security against viruses that spread through e-mail. If you have an application that uses the CDO 1.2 (or 1.21) library, Microsoft recommends that you become familiar with the changes that the security update makes to the library, so that you can determine how those changes may affect your solution.
NOTE: If you are using Outlook 2000, you should use the Outlook 2000 CDO E-mail Security Update. For more information, click the article number below to view the article in the Microsoft Knowledge Base:
268372 INFO: OL2000: Developer Information About the CDO E-mail Security Update
MORE INFORMATION
Before you install the CDO E-mail Security Update on an Outlook 98 computer, you must first install the Outlook 98 E-mail Security Update. For detailed information on installation of the Outlook 98 CDO E-mail Security Update, see the following article in the Microsoft Knowledge Base:
268462 OL98: Information About the CDO E-mail Security Update
By default, Outlook 98 installs the CDO 1.2 version of the CDO library. However, if you choose to install the CDO E-mail Security Update, the CDO 1.2 library is updated to the CDO 1.21 library (with Security Update applied).
The CDO E-mail Security Update Should Not Be Applied to Servers
The CDO E-mail Security Update is designed specifically for client safety. Microsoft recommends that you do not apply the update to Microsoft Exchange Server-side versions of the CDO library because this may severely impact both standard and custom server programs, including Outlook Web Access. The update should also not be applied to Internet Information Servers (IIS) that run Active Server Pages (ASP) applications that use the CDO 1.2 (or CDO 1.21) library.
How to Customize the Restrictions of the CDO E-mail Security Update
If you are using Microsoft Exchange Server, you can customize the behavior of the CDO E-mail Security Update in your organization. For additional information about customizing the settings, click the article number below
to view the article in the Microsoft Knowledge Base:
263296 Administrator Information About the Outlook E-mail Security Update
Changes to the CDO 1.21 Object Model
Sending Mail
When a CDO 1.21 application calls the
Send method of a
Message object or a
MeetingItem object, a dialog box informs the user that a program is trying to send mail on their behalf, and asks if the message should be sent. If the user clicks
No, the
Send method returns the following error message:
Collaboration Data Objects-[E_ACCESSDENIED(80070005)]
Accessing Certain MAPI Properties Associated with a Message Object That Exists Under a MAPI Folder
When a CDO 1.21 application uses a
Fields collection object to access Messaging Application Program Interface (MAPI) properties that are associated with an existing
Message item, a dialog box informs the user that a program is trying to access e-mail addresses that are stored in Outlook, and asks if they wish to allow this access. If the user clicks
No, the
Send method returns the following error message:
Collaboration Data Objects-[E_ACCESSDENIED(80070005)]
The following MAPI properties are affected:
PR_SENT_REPRESENTING_ENTRYID
PR_SENT_REPRESENTING_SEARCH_KEY
PR_SENT_REPRESENTING_NAME
PR_SENT_REPRESENTING_ADDRTYPE
PR_SENT_REPRESENTING_EMAIL_ADDRESS
PR_SENDER_ENTRYID
PR_SENDER_SEARCH_KEY
PR_SENDER_NAME
PR_SENDER_ADDRTYPE
PR_SENDER_EMAIL_ADDRESS
PR_DISPLAY_TO
PR_DISPLAY_CC
PR_DISPLAY_BCC
PR_ORIGINAL_DISPLAY_TO
PR_ORIGINAL_DISPLAY_CC
PR_ORIGINAL_DISPLAY_BCC
Accessing the Items Under a Contacts Folder
When a CDO 1.21 application accesses the
Messages collection object of a
Contacts folder, the dialog box described just above (for MAPI properties) appears.
Manipulating Recipients or AddressEntries Collections
CDO 1.21 also displays the dialog box described just above under the following scenarios:
Handling Attachments
When you use the
Attachments collection object of a
Message object to retrieve each attachment in the collection, CDO 1.21 does not return "unsafe" (Level 1 Security) file attachments in the collection. For a list of Level 1 Security files, see the following article in the Microsoft Knowledge Base:
262617 OL98: Information About the Outlook E-mail Security Update
Although unsafe attachments are not physically deleted from disk, CDO 1.21 is unaware of their existence. For instance, the
Count property of the
Attachments object returns the number of attachments
excluding all unsafe attachments.