0

I have a .NET application that interacts with Outlook like this:

                Microsoft.Office.Interop.Outlook.Application app = new
              Microsoft.Office.Interop.Outlook.Application();
                Microsoft.Office.Interop.Outlook.MailItem item = app.CreateItem((Microsoft.Office.Interop.Outlook.OlItemType.olMailItem));
                item.PropertyAccessor.SetProperty(PsInternetHeaders + Foobar, 1031);
                item.BodyFormat = Microsoft.Office.Interop.Outlook.OlBodyFormat.olFormatHTML;
                item.To = "a@test.com;b@test.com;c@test.com";
                item.BCC = "cc@test.com";
                item.Body = "Hello There!";
                item.Display();

Be aware that I need to access the "PropertyAccessor" property.

In a normal environment this runs fine, but in a "secure" enviroment with this registry keys in place it just fails with Operation aborted (Exception from HRESULT: 0x80004004 (E_ABORT)):

[HKEY_CURRENT_USER\Software\Policies\Microsoft\office\16.0\outlook\security]
"PromptOOMAddressBookAccess"=dword:00000000
"AdminSecurityMode"=dword:00000003
"PromptOOMAddressInformationAccess"=dword:00000000

Outlooks security model seems to have a "trustedaddins" list, but I'm not really sure if this applies to "external applications" as well and that exactly I need to register unter TrustedAddins (see here). My main question would be: Can I just register and foobar.exe unter trustedaddins or is this not possible at all? I know that I could lower or disable the security stuff, but this is not my choice ;)

Robert Muehsig
  • 5,206
  • 2
  • 29
  • 33

1 Answers1

0

Your only options are listed at How to avoid Outlook Security Alert when sending Outlook message from VBScript?

You also might want to set PsInternetHeaders properties to strings only, not ints.

Dmitry Streblechenko
  • 62,942
  • 4
  • 53
  • 78
  • Just to make sure I understand this correctly: If there are "programmatic access policy applied" (+ the GPO setting) the cross process way is (besides the MAPI or ClickYes stuff) closed, correct? (Source: https://learn.microsoft.com/en-us/office/vba/outlook/how-to/security/security-behavior-of-the-outlook-object-model) – Robert Muehsig Sep 09 '20 at 07:15
  • If the user is using Exchange, it will be determined by the Exchange policy. Installing an up-to-date AV app is probably the easiest way if you don't want to wok around the problem programmatically (Extended MAPI in C++/Delphi or Redemption in any language). – Dmitry Streblechenko Sep 09 '20 at 22:45
  • The problem only occures with the "AdminSecurityMode=3", which we can't change :-/ Thanks for the answer. – Robert Muehsig Sep 10 '20 at 07:30