OutLook 安全防问限制

akyou56

前文提过，微软通过Outlook，提供了丰富的PIM管理方面的对象和接口等，但是同时，在当前宏病毒泛滥的情况下，微软不得不通过对某些对象以及成员进行限制，以达到阻止宏病毒肆意发送邮件的功能，微软的这一措施也为我们的Outlook集成工作带来了很大的麻烦：一旦访问到了这些受保护的属性，系统就会弹出安全警告，最多允许外部程序连续访问Outlook数据十分钟。对不懂计算机的用户造成极大的困扰。微软提供的限制访问成员列表如下：

Object	Restricted Properties	Restricted Methods
Action		Execute
AddressEntries	Any property	Any method
AddressEntry	Any property	Any method
AppointmentItem	Body* Organizer RequiredAttendees OptionalAttendees Resources NetMeetingOrganizerAlias	Respond SaveAs Send
ContactItem	Body* Email1Address Email1AddressType Email1DisplayName Email1EntryID Email2Address Email2AddressType Email2DisplayName Email2EntryID Email3Address Email3AddressType Email3DisplayName Email3EntryID IMAddress* NetMeetingAlias ReferredBy	SaveAs
DistListItem	Body*	GetMember SaveAs
Inspector	HTMLEditor* WordEditor*
ItemProperties	Any restricted property for an Item
JournalItem	Body* ContactNames	SaveAs
MailItem	Body* HTLMBody* SenderEmailAddress* SenderEmailType* SenderName SentOnBehalfOfName ReceivedByName ReceivedOnBehalfOfName ReplyRecipientNames To Cc Bcc	SaveAs Send
MeetingItem	Body* SenderName	SaveAs
NameSpace	CurrentUser GetRecipientFromID
PostItem	Body* HTMLBody* SenderName	SaveAs
Recipient	Any property	Any method
Recipients	Any property	Any method
TaskItem	Body* ContactNames Contacts Delegator Owner StatusUpdateRecipients StatusOnCompletionRecipients	SaveAs Send
UserProperties		Find
UserProperty	Formula

　　由上表可以看到，MailItem几乎任何"有用"的属性都被屏蔽而无法顺利的提供给外部使用。在网上搜了半天，找到一个宝贝： Outlook Redemption。通过Redemption的Outlook组件，可以绕过Outlook的安全性限制，对Outlook进行“全方位”的访问。推测其原理是在注册时生成并安装一个Outlook的加载项，利用该加载项在Outlook进程内同Outlook进行受信任的通信，同时该加载项也向外部的COM组件提供数据，简单说来，就是实现了一个Proxy的功能，透过Redemption组件，就可以无缝的访问Outlook的公开接口而无需担心时时弹出的安全警报了。通常，一个访问过程的流程如下：

1. 获取一个要访问的对象，如MailItem，可以通过NameSpace的GetItemFromID或者通过对MAPIFolder的遍历得到。
2. 创建Redemption的对应对象，该对象的类名一般在Outlook类名之前加上"Safe"四个字母，例如MailItem对应的就是SafeMailItem，ContactItem对应的就是SafeContactItem。
3. 将Redemption的Item属性赋值为Outlook的对象
4. 通过Redemption的属性访问Outlook的同名属性，例如SafeMailItem会具有同Outlook的MailItem的相同属性。
5. 当然，该程序发布过程中需要加入Redemption.dll的注册安装。

下面这段代码可以将Outlook的草稿箱中的邮件存储到一个文本文件中：



http://blog.dream4ever.org/Images/OutliningIndicators/None.gifon Error Resume Next
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifBrk = " XYAYX "
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSet olApp = CreateObject("Outlook.Application")
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSet SafeMail = CreateObject("Redemption.SafeMailItem")  '创建SafeMail对象
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSet olNs = olApp.GetNameSpace("MAPI") '获取Namespace
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSet dftFdr = olNS.GetDefaultFolder(16) '获取草稿箱接口
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSet fso = CreateObject("Scripting.FileSystemObject") '建立文件系统对象
http://blog.dream4ever.org/Images/OutliningIndicators/None.gif
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifSet tf = fso.CreateTextFile ("c:Mails.dat") '建立文本文件用于存储邮件信息
http://blog.dream4ever.org/Images/OutliningIndicators/None.giftf.WriteLine(Time) '记录开始时间
http://blog.dream4ever.org/Images/OutliningIndicators/None.giffor I=1 to dftFdr.items.Count  '遍历文件夹下面的所有Item
http://blog.dream4ever.org/Images/OutliningIndicators/None.gif  SafeMail.Item = dftFdr.Items.Item(I)  '
http://blog.dream4ever.org/Images/OutliningIndicators/None.gif  aLine = SafeMail.EntryID & Brk & SafeMail.Subject & Brk & SafeMail.SentOn _
         & Brk & SafeMail.CreationTime & Brk & SafeMail.SenderName & Brk & SafeMail.To
http://blog.dream4ever.org/Images/OutliningIndicators/None.gif  tf.WriteLine(aLine)
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifnext
http://blog.dream4ever.org/Images/OutliningIndicators/None.gif
http://blog.dream4ever.org/Images/OutliningIndicators/None.giftf.WriteLine(Time)
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifolApp.quit
http://blog.dream4ever.org/Images/OutliningIndicators/None.giftf.Close
http://blog.dream4ever.org/Images/OutliningIndicators/None.gifMsgBox("文件生成完毕！")

btw:该组件访问Outlook2003的时候，似乎兼容性有些问题，对大量邮件进行遍历时，某些邮件的“To”字段会无法读取产生异常