Microsoft KB Archive/295302

= Summary of Collaboration Data Objects (CDO) 1.21s e-mail security features in Outlook 2002 =

Article ID: 295302

Article Last Modified on 3/15/2006

-

APPLIES TO


 * Microsoft Outlook 2002 Standard Edition

-



This article was previously published under Q295302





For a Microsoft Outlook 98 version of this article, see 273882.



For a Microsoft Outlook 2000 version of this article, see 268372.



SUMMARY
This article contains information for developers, solution providers, and independent software vendors (ISVs) about Collaboration Data Objects (CDO) 1.21s. CDO 1.21s is included with Microsoft Office XP.

This version of CDO provides a greater level of security against viruses that spread through e-mail. If you have an application that uses the CDO 1.21 library, We recommend that you become familiar with the changes that these security features make to the library. If you do this, you can determine how these changes may affect your solution.



MORE INFORMATION
Important CDO 1.21s is designed specifically to help promote client safety. CDO 1.21s should not be applied to Microsoft Exchange Server-side versions of the CDO 1.21 library.

Sending Mail
When a CDO 1.21s application calls the Send method of a Message object or a MeetingItem object, a dialog box informs the user that a program is trying to send mail on their behalf and then prompts the user if the message should be sent. If the user clicks No, the Send method returns the following error message:

Collaboration Data Objects-[E_ACCESSDENIED(80070005)]

Accessing certain MAPI properties associated with a Message object
When a CDO 1.21s application uses a Fields collection object to access MAPI properties that are associated with an existing Message item, a dialog box informs the user that a program is trying to access e-mail addresses that are stored in Outlook and then prompts the user if they want to allow for this access. If the user clicks No, the Send method returns the following error message:

Collaboration Data Objects-[E_ACCESSDENIED(80070005)]

The following MAPI properties are affected:

PR_SENT_REPRESENTING_ENTRYID PR_SENT_REPRESENTING_SEARCH_KEY PR_SENT_REPRESENTING_NAME PR_SENT_REPRESENTING_ADDRTYPE PR_SENT_REPRESENTING_EMAIL_ADDRESS PR_SENDER_ENTRYID PR_SENDER_SEARCH_KEY PR_SENDER_NAME PR_SENDER_ADDRTYPE PR_SENDER_EMAIL_ADDRESS PR_DISPLAY_TO PR_DISPLAY_CC PR_DISPLAY_BCC PR_ORIGINAL_DISPLAY_TO PR_ORIGINAL_DISPLAY_CC PR_ORIGINAL_DISPLAY_BCC

Accessing the items under a Contacts folder
When a CDO 1.21s application accesses the Messages collection object of a Contacts folder, the dialog box for MAPI properties appears.

Manipulating Recipients or AddressEntries collections
CDO 1.21s also displays a dialog box under the following scenarios:  The Recipients collection is invoked for actions that involve reading the recipients of an e-mail message.  The AddressEntries collection is called to reach an AddressEntry within the collection. For example: objRecipientCollection.Item(index) objAddressEntriesCollection.Item(index)  In creating an outgoing message, the Resolve method is called on the newly populated Recipients collection.

Handling attachments
When you use the Attachments collection object of a Message object to retrieve each attachment in the collection, CDO 1.21s does not return &quot;unsafe&quot; (Level 1 Security files) file attachments in the collection. Unsafe attachments are not actually removed, but CDO 1.21s does not know that the attachments exist. For example, the Count property of the Attachments object returns the number of attachments excluding all unsafe attachments.

Avoiding the security prompts
For more information about how to avoid the security prompts, click the following article number to view the article in the Microsoft Knowledge Base:

290500 Description of the developer-related e-mail security features in Outlook 2002

Using CDO 1.21s in a service
If you are developing a Windows service that uses CDO, security prompts will not be generated because CDO detects that it is running in a service. Therefore, CDO does not display security prompts.

Keywords: kberrmsg kbhowto kbemail KB295302

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.