There is a warning when you send emails via Outlook by using the Microsoft.Office.Interop.Outlook
objects. There are several workarounds in form of disabling the complete security warning. That is not applicable in our case. The other options seems to set the protocol used to a registry key.
So if you add a key like HKCU/SOFTWARE/Microsoft/Office/16.0/Common/Security/Trusted Protocols/All Applications/foo:
then all calls from the foo:// protocol are trusted and no warning pops up.
We use a code like this:
using Outlook = Microsoft.Office.Interop.Outlook;
Outlook.Application _outlook = new Outlook.Application();
Outlook.MailItemn _message = null;
...
_message = (Outlook.MailItem)_outlook.CreateItem(Outlook.OlItemType.olMailItem);
Outlook.Recipients recipients = _message.Recipients;
if (!string.IsNullOrEmpty(MailTo))
{
string[] mailToList = MailTo.Split(';');
foreach (string mailToEntry in mailToList)
{
Outlook.Recipient recipient = recipients.Add(mailToEntry.Trim());
recipient.Type = (int)Outlook.OlMailRecipientType.olTo;
recipient.Resolve();
}
}
foreach (MailAttachment attachment in Attachments)
{
string tempDir = TempDirectory.Create();
string tmpFile = Path.Combine(tempDir, attachment.Name);
File.WriteAllBytes(tmpFile, attachment.Data);
_message.Attachments.Add(tmpFile, (int)Outlook.OlAttachmentType.olByValue, 1, attachment.Name);
}
_message.Send();
At least in a shorted form. My question is now: "How could I define this in the registry as exception?"
Maybe it is possible to create something like HKCU/SOFTWARE/Microsoft/Office/16.0/Common/Security/Trusted Protocols/MyApp/http:
?
This does not work, because the protocol used seems not to be http. Does someone know which one is used here and maybe how to change the name so we could use it in the exception settings?
Has anyone an idea?
CodePudding user response:
Protocol handlers and sending emails via OOM don't have anything common. There are several ways for suppressing security prompts generated by the Outlook object model:
Use a third-party components for suppressing Outlook security warnings. See Security Manager for Microsoft Outlook for more information.
Use a low-level API instead of OOM - Extended MAPI which doesn't trigger security prompts. Or consider using any other third-party wrappers around that API, for example, Redemption.
Develop a COM add-in which has access to the trusted Application object. And then communicate from a standalone application with an add-in using standard .Net tools (Remoting).
Use group policy objects for setting up machines to not trigger security prompts.
Use any antivirus software with latest databases (up-to-date).