Outlook 2000 developer information about the CDO E-mail Security Update

This article provides information for developers, solution providers, and independent software vendors (ISVs) about the Outlook 2000 Collaboration Data Objects (CDO) 1.21 E-mail Security Update that was released on July 7, 2000.

The CDO E-mail Security Update provides a higher level of security against viruses that spread through e-mail. If you have an application that uses the CDO 1.21 library, Microsoft recommends that you become familiar with the changes that the security update makes to the library, so that you can determine how those changes may affect your solution.

Before you install the CDO E-mail Security Update, you must install the Outlook 2000 E-mail Security Update. For more information about how to install the CDO E-mail Security Update, click the following article number to view the article in the Microsoft Knowledge Base: Important The CDO E-mail Security Update is designed specifically for client safety. It should not be applied to Microsoft Exchange Server-side versions of CDO 1.21 library.

How to customize the restrictions of the CDO E-mail Security Update

If you are using Microsoft Exchange Server, you can customize the behavior of the CDO E-mail Security Update in your organization. For more information about customizing the settings, click the following article number to view the article in the Microsoft Knowledge Base:

Changes to the CDO 1.21 object model

Sending mail

When a CDO 1.21 application calls the Send method of a Message object or a MeetingItem object, a dialog box informs the user that a program is trying to send mail on their behalf, and asks if the message should be sent. If the user clicks No, the Send method returns the following error message:

Accessing certain MAPI properties associated with a Message object that exists under a MAPI folder

When a CDO 1.21 application uses a Fields collection object to access MAPI properties associated with an existing Message item, a dialog box informs the user that a program is trying to access e-mail addresses that are stored in Outlook, and asks if they wish to allow this access. If the user clicks No, the Send method returns the following error message: The following MAPI properties are affected:

Accessing the items under a Contacts folder

When a CDO 1.21 application accesses the Messages collection object of a Contacts folder, the dialog box described just above (for MAPI properties) appears.

Manipulating recipients or AddressEntries collections

CDO 1.21 also displays the dialog box described just above under the following scenarios:

• The Recipients collection is invoked for actions that involve reading the recipients of an e-mail message.
• The AddressEntries collection is called to reach an AddressEntry within the collection. For example:

  objRecipientCollection.Item(index)
  objAddressEntriesCollection.Item(index)
  					

• In creating an outbound message, the Resolve method is called on newly populated Recipients collection.

Handling attachments

When you use the Attachments collection object of a Message object to retrieve each attachment in the collection, CDO 1.21 does not return "unsafe" (Level 1 Security files) file attachments in the collection. For a list of Level 1 Security files, see the following article in the Microsoft Knowledge Base: Unsafe attachments are not physically deleted from disk, but CDO 1.21 is unaware of their existence. For instance, the Count property of the Attachments object returns the number of attachments excluding all unsafe attachments.