Microsoft KB Archive/194623

= How to use Collaboration Data Objects to see if a message is signed and/or encrypted =

Article ID: 194623

Article Last Modified on 7/15/2005

-

APPLIES TO


 * Microsoft Collaboration Data Objects 1.2
 * Microsoft Collaboration Data Objects 1.21

-



This article was previously published under Q194623



SUMMARY
The Signed and Encrypted properties of the Message object will not accurately reflect the security status of a message unless the e-mail client has set the PR_SECURITY property. This article describes how to determine if a received message is signed and/or encrypted.



MORE INFORMATION
The Signed and Encrypted properties on a Collaboration Data Objects (1.2, 1.21) Message Object correspond to the SECURITY_SIGNED and SECURITY_ENCRYPTED flag of the MAPI property PR_SECURITY. These properties of a message will not be available even if the e-mail client that sent the message set the PR_SECURITY flag of the message before sending it. Consequently, using these properties to programmatically determine if a message has security on it is unreliable.

Testing revealed that Microsoft Outlook 98 and Microsoft Outlook Express do not set the PR_SECURITY property. Therefore the Signed or Encrypted properties of messages sent from these products will always be FALSE regardless of the actual Signed or Encrypted state of the message.

An alternate way to determine the security level of a message is to determine what class the message is. You can access this property by using the Fields collection of a message object as demonstrated in the following line of code: objMessage.Fields(CdoPR_MESSAGE_CLASS).Value The following Visual Basic code demonstrates how to access this property: Option Explicit 'Requires a reference to the Microsoft CDO (1.2 or 1.21) library Private Sub Form_Load

Dim strServer As String Dim strMailbox As String Dim strProfileInfo As String Dim objSession As MAPI.Session Dim objInbox As Folder Dim objMessages As Messages Dim objMessage As Message

strServer = "MyExchangeServer" 'Insert name of an Exchange Server. strMailbox = "MyMailbox"       'Insert the name of a Mailbox.

'Create your ProfileInfo string. strProfileInfo = strServer & vbLf & strMailbox

'Create your session and log onto it on the fly. Set objSession = New MAPI.Session objSession.Logon "", "", False, True, 0, True, strProfileInfo

'Create your Inbox object and get all the messages in the inbox. Set objInbox = objSession.Inbox Set objMessages = objInbox.Messages

'Get the first message in the objMessages collection. Set objMessage = objMessages.GetFirst

If objMessage Is Nothing Then MsgBox "No messages to process" Else 'Set up a loop to run through all the messages in the inbox. Do         With objMessage 'Print the subject. Debug.Print .Subject

'Print the Message Class. Debug.Print .Fields(CdoPR_MESSAGE_CLASS).Value Debug.Print End With   'objMessage

'Get the next message. Set objMessage = objMessages.GetNext Loop Until objMessage Is Nothing End If

'Logoff your session and destroy your objects. objSession.Logoff

Set objMessage = Nothing Set objMessages = Nothing Set objInbox = Nothing Set objSession = Nothing Unload Me  'Unload the form End Sub Different e-mail clients and security methods create different classes. For example, a message created in Microsoft Outlook 98 using Exchange security will have the following properties:
 * Unsigned and Unencrypted: IPM.Note
 * Signed and Unencrypted: IPM.NOTE.SECURE.SIGN
 * Unsigned and Encrypted: IPM.NOTE.SECURE
 * Signed and Encrypted: IPM.NOTE.SECURE

On the other hand, if you use Secure - Multipurpose Internet Mail Extensions (SMIME) from Microsoft Outlook Express to send a signed message, the class will be IPM.Note.SMIME.MultipartSigned.

Therefore, in order to use the Message Class of a message to determine if the message is signed and/or encrypted, you must determine what message class your e-mail client uses when sending signed and/or encrypted e-mail. Since it would be impossible to maintain a list of the message classes used by every e-mail client available, the preceding code should help you by looping through all the messages in your Inbox folder and display the Message class. This should help you in determining how to perform the tests for signed and/or encrypted e-mail in your application.

Note Creating messages of these classes will not accomplish sending encrypted/signed messages.

The techniques detailed in this article cannot be used in the OnSubmit event of an Exchange Client Extension. Outlook calls OnSubmit for all extensions before it applies any security to the message to ensure that any work done by the extension is also protected. Because of this, the message class will always be IPM.Note regardless of the security settings.

