Summary of Collaboration Data Objects (CDO) 1.21s e-mail security features in Outlook 2002 (295302)


The information in this article applies to:

  • Microsoft Outlook 2002
This article was previously published under Q295302
For a Microsoft Outlook 98 version of this article, see 273882.

For a Microsoft Outlook 2000 version of this article, see 268372.

SUMMARY

This article contains information for developers, solution providers, and independent software vendors (ISVs) about Collaboration Data Objects (CDO) 1.21s. CDO 1.21s is included with Microsoft Office XP.

This version of CDO provides a greater level of security against viruses that spread through e-mail. If you have an application that uses the CDO 1.21 library, We recommend that you become familiar with the changes that these security features make to the library. If you do this, you can determine how these changes may affect your solution.

MORE INFORMATION

Important CDO 1.21s is designed specifically to help promote client safety. CDO 1.21s should not be applied to Microsoft Exchange Server-side versions of the CDO 1.21 library.

Changes to the CDO 1.21s Object Model

Sending Mail

When a CDO 1.21s application calls the Send method of a Message object or a MeetingItem object, a dialog box informs the user that a program is trying to send mail on their behalf and then prompts the user if the message should be sent. If the user clicks No, the Send method returns the following error message:
Collaboration Data Objects-[E_ACCESSDENIED(80070005)]

Accessing certain MAPI properties associated with a Message object

When a CDO 1.21s application uses a Fields collection object to access MAPI properties that are associated with an existing Message item, a dialog box informs the user that a program is trying to access e-mail addresses that are stored in Outlook and then prompts the user if they want to allow for this access. If the user clicks No, the Send method returns the following error message:
Collaboration Data Objects-[E_ACCESSDENIED(80070005)]
The following MAPI properties are affected: 

PR_SENT_REPRESENTING_ENTRYID
PR_SENT_REPRESENTING_SEARCH_KEY
PR_SENT_REPRESENTING_NAME
PR_SENT_REPRESENTING_ADDRTYPE
PR_SENT_REPRESENTING_EMAIL_ADDRESS
  
PR_SENDER_ENTRYID
PR_SENDER_SEARCH_KEY
PR_SENDER_NAME
PR_SENDER_ADDRTYPE
PR_SENDER_EMAIL_ADDRESS
  
PR_DISPLAY_TO
PR_DISPLAY_CC
PR_DISPLAY_BCC
  
PR_ORIGINAL_DISPLAY_TO
PR_ORIGINAL_DISPLAY_CC
PR_ORIGINAL_DISPLAY_BCC

Accessing the items under a Contacts folder

When a CDO 1.21s application accesses the Messages collection object of a Contacts folder, the dialog box for MAPI properties appears.

Manipulating Recipients or AddressEntries collections

CDO 1.21s also displays a dialog box under the following scenarios:
  • The Recipients collection is invoked for actions that involve reading the recipients of an e-mail message.
  • The AddressEntries collection is called to reach an AddressEntry within the collection. For example:
    objRecipientCollection.Item(index)
objAddressEntriesCollection.Item(index)
  • In creating an outgoing message, the Resolve method is called on the newly populated Recipients collection.

Handling attachments

When you use the Attachments collection object of a Message object to retrieve each attachment in the collection, CDO 1.21s does not return "unsafe" (Level 1 Security files) file attachments in the collection. Unsafe attachments are not actually removed, but CDO 1.21s does not know that the attachments exist. For example, the Count property of the Attachments object returns the number of attachments excluding all unsafe attachments.

Avoiding the security prompts

For more information about how to avoid the security prompts, click the following article number to view the article in the Microsoft Knowledge Base:

290500 Description of the developer-related e-mail security features in Outlook 2002

Using CDO 1.21s in a service

If you are developing a Windows service that uses CDO, security prompts will not be generated because CDO detects that it is running in a service. Therefore, CDO does not display security prompts.
Modification Type:MinorLast Reviewed:3/15/2006
Keywords:kbsendmail kberrmsg kbemail kbhowto KB295302
©2004 Microsoft Corporation. All rights reserved.