OutLook 安全防问限制
前文提过,微软通过Outlook,提供了丰富的PIM管理方面的对象和接口等,但是同时,在当前宏病毒泛滥的情况下,微软不得不通过对某些对象以及成员进行限制,以达到阻止宏病毒肆意发送邮件的功能,微软的这一措施也为我们的Outlook集成工作带来了很大的麻烦:一旦访问到了这些受保护的属性,系统就会弹出安全警告,最多允许外部程序连续访问Outlook数据十分钟。对不懂计算机的用户造成极大的困扰。微软提供的限制访问成员列表如下:Object
Restricted Properties
Restricted Methods
Action
Execute
AddressEntries
Any property
Any method
AddressEntry
Any property
Any method
AppointmentItem
Body*
Organizer
RequiredAttendees
OptionalAttendees
Resources
NetMeetingOrganizerAlias
Respond
SaveAs
Send
ContactItem
Body*
Email1Address
Email1AddressType
Email1DisplayName
Email1EntryID
Email2Address
Email2AddressType
Email2DisplayName
Email2EntryID
Email3Address
Email3AddressType
Email3DisplayName
Email3EntryID
IMAddress*
NetMeetingAlias
ReferredBy
SaveAs
DistListItem
Body*
GetMember
SaveAs
Inspector
HTMLEditor*
WordEditor*
ItemProperties
Any restricted property for an Item
JournalItem
Body*
ContactNames
SaveAs
MailItem
Body*
HTLMBody*
SenderEmailAddress*
SenderEmailType*
SenderName
SentOnBehalfOfName
ReceivedByName
ReceivedOnBehalfOfName
ReplyRecipientNames
To
Cc
Bcc
SaveAs
Send
MeetingItem
Body*
SenderName
SaveAs
NameSpace
CurrentUser
GetRecipientFromID
PostItem
Body*
HTMLBody*
SenderName
SaveAs
Recipient
Any property
Any method
Recipients
Any property
Any method
TaskItem
Body*
ContactNames
Contacts
Delegator
Owner
StatusUpdateRecipients
StatusOnCompletionRecipients
SaveAs
Send
UserProperties
Find
UserProperty
Formula
由上表可以看到,MailItem几乎任何"有用"的属性都被屏蔽而无法顺利的提供给外部使用。在网上搜了半天,找到一个宝贝: Outlook Redemption。通过Redemption的Outlook组件,可以绕过Outlook的安全性限制,对Outlook进行“全方位”的访问。推测其原理是在注册时生成并安装一个Outlook的加载项,利用该加载项在Outlook进程内同Outlook进行受信任的通信,同时该加载项也向外部的COM组件提供数据,简单说来,就是实现了一个Proxy的功能,透过Redemption组件,就可以无缝的访问Outlook的公开接口而无需担心时时弹出的安全警报了。通常,一个访问过程的流程如下:
1. 获取一个要访问的对象,如MailItem,可以通过NameSpace的GetItemFromID或者通过对MAPIFolder的遍历得到。
2. 创建Redemption的对应对象,该对象的类名一般在Outlook类名之前加上"Safe"四个字母,例如MailItem对应的就是SafeMailItem,ContactItem对应的就是SafeContactItem。
3. 将Redemption的Item属性赋值为Outlook的对象
4. 通过Redemption的属性访问Outlook的同名属性,例如SafeMailItem会具有同Outlook的MailItem的相同属性。
5. 当然,该程序发布过程中需要加入Redemption.dll的注册安装。
下面这段代码可以将Outlook的草稿箱中的邮件存储到一个文本文件中:
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifon Error Resume Next
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifBrk = " XYAYX "
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSet olApp = CreateObject("Outlook.Application")
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSet SafeMail = CreateObject("Redemption.SafeMailItem")'创建SafeMail对象
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSet olNs = olApp.GetNameSpace("MAPI") '获取Namespace
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSet dftFdr = olNS.GetDefaultFolder(16) '获取草稿箱接口
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSet fso = CreateObject("Scripting.FileSystemObject") '建立文件系统对象
http://blog.dream4ever.org/Images/OutliningIndicators/None.gif
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSet tf = fso.CreateTextFile ("c:Mails.dat") '建立文本文件用于存储邮件信息
http://blog.dream4ever.org/Images/OutliningIndicators/None.giftf.WriteLine(Time) '记录开始时间
http://blog.dream4ever.org/Images/OutliningIndicators/None.giffor I=1 to dftFdr.items.Count'遍历文件夹下面的所有Item
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSafeMail.Item = dftFdr.Items.Item(I)'
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifaLine = SafeMail.EntryID & Brk & SafeMail.Subject & Brk & SafeMail.SentOn _
& Brk & SafeMail.CreationTime & Brk & SafeMail.SenderName & Brk & SafeMail.To
http://blog.dream4ever.org/Images/OutliningIndicators/None.giftf.WriteLine(aLine)
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifnext
http://blog.dream4ever.org/Images/OutliningIndicators/None.gif
http://blog.dream4ever.org/Images/OutliningIndicators/None.giftf.WriteLine(Time)
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifolApp.quit
http://blog.dream4ever.org/Images/OutliningIndicators/None.giftf.Close
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifMsgBox("文件生成完毕!")
btw:该组件访问Outlook2003的时候,似乎兼容性有些问题,对大量邮件进行遍历时,某些邮件的“To”字段会无法读取产生异常
页:
[1]