[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


[Delphi 6] Bypassing the Outlook security.

Posted on 2006-11-03
Medium Priority
Last Modified: 2011-09-20
Well, the problem is very simple but my customer is making some very high demands... I have an application which will send emails through MAPI. The customer insisted that I use MAPI for this so any other option is 'not done'. So we got to the next level, which is the Outlook Security. And my customer wants the application to send messages without that annoying "Security Manager" popup. Of course, there are several options for this but my customer has shot down all these options.

First I suggested to use Outlook Redemption from http://www.dimastr.com/redemption/ but no, it's a third-party ActiveX control and thus my customer becomes a bit itchy. So while this solution would easily solve the problem, my customer said NO and he's the Boss...

The second option was to use the Outlook Security Manager from http://www.add-in-express.com/outlook-security/ but this too was not something my customer appreciated. He fails to understand the need for third-party components to solve this issue and I think he expects me to know how to do this job without such controls. Basically, he wants something with sourcecode and both controls don't have any.

I've also suggested to write some "ClickYes" function which would simply click the "Yes" button when the Outlook message pops up but that too was binned. Of course, it's not a good solution anyways.

I also read that there's some trick by changing a registry setting or disabling the Outlook security in general but the customer doesn't agree with such solutions either.

So now I'm stuck. I have a customer who wants my application to send emails through MAPI and without the security popup and I've ran out of options here. Basically, this is a Customer from Hell who should actually become a pointy-haired manager. But he's the Boss and although I'm almost at a point that I want to become extremely rude towards him, I'm still trying one last option. EE. :-)

So, does anyone know of an alternative solution?

(And in the meantime, I will continue to try and convince my customer that this is just impossible to do since Microsoft is enforcing this...)
Question by:Wim ten Brink
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Assisted Solution

mugman21 earned 900 total points
ID: 17864995
Tough one, I don't like hookers - but perhaps you could eliminate the message by setting a hook with setwindowshookex and register a callback for message and dialog creations. It's been a realllllllyyyy long time since I've used this function, but I believe it would allow you to dump those security warnings.

If I remember correctly, the messageproc callback fires before anything is displayed, so, you might be able to take some action there....

not sure though....

Good luck,


Accepted Solution

sun4sunday earned 600 total points
ID: 17865665
Click yes can do it. depends on ur user.

Thank god, the user is not asking M$ when he needs to open the notepad when he click the start button :)
Convience him that this is the feature integrated with the outlook

LVL 17

Author Comment

by:Wim ten Brink
ID: 17865692
I have enough API knowledge to write such a ClickYes tool myself but I consider it the most horrible solution possible. It still means that some dialog will pop up. :-(
About hooking the WINAPI functions, well... It's a more interesting solution but still far from perfect.

Right now, I still prefer to keep telling the customer that it cannot be done. Not really funny but still, he will just have to accept this. I can offer plenty of other solutions without the use of MAPI but these are considered undesirable.
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Assisted Solution

mugman21 earned 900 total points
ID: 17865701
Do you have any reason why he is objecting to your own SMTP engine?
LVL 17

Author Comment

by:Wim ten Brink
ID: 17865743
Ehm, yes. He's a project manager for an extremely large company and their network is extremely complex with all kinds of security issues, etc. In general, people don't even have POP3/SMTP mail access in this company but everything is done through Outlook with Exchange server and an enormous domain treestructure. Even simple things like WebMail and Internet are locked for many users or behind all kinds of proxies.

My own suggestion was even simpler, since all they want is an email containing some XML data as the text of the body of an email. (No attachments allowed.) I suggested that they would set up a simple webservice somewhere and provide me some API to communicate with it. They liked the idea so their project team started to build such a service but then decided it would be better to just have a special mail account which receives the data and have some server send the data to the service.
Yes, WTF was my first response too... Anyway, there's a team of 50+ people making all kinds of decisions and all I have to do is work on a tool that will provide them the data.

Assisted Solution

real_icecoke earned 500 total points
ID: 17870720

this stuff is not my really business, but what is about extended MAPI - afaik extended MAPI is not affected by the mentioned security patch. Is this of help:


just an idea.

LVL 17

Author Comment

by:Wim ten Brink
ID: 17879371
Extended MAPI is an option, although it depends on Microsoft Exchange. This would work for this customer but not in all situations. (It will be hard for me to use since it means I have to set up an exchange server somewhere for testing and a second environment without exchange server.)
Still, I will have a look at it. Thanks!
LVL 17

Author Comment

by:Wim ten Brink
ID: 17913067
Thanks for the input! The customer is now accepting the fact that we can't bypass this and is looking into the ClickYes construction. Basically, he's now on his own since I made it clear that:
1) I can't just bypass this security.
2) an SMTP Client engine or something similar would make it a lot easier.
3) There are better techniques for doing what the customer wants and he will have to look into them now.

He's not a happy customer, though. Basically, the application is sending XML in the body of the message through Outlook which is "automatically" processed by some mailreader (read: some person hired to open all mails and copy/paste the body to the appropiate textfiles) and now he has to think of having something created that will process this data in a better way. Yeah, it counts as a WTF but the customer is still in a development phase for this project. This is just a wake-up call for him that other parts in the projects are slowing me down and I don't have any control over this...

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction The parallel port is a very commonly known port, it was widely used to connect a printer to the PC, if you look at the back of your computer, for those who don't have newer computers, there will be a port with 25 pins and a small print…
Have you ever had your Delphi form/application just hanging while waiting for data to load? This is the article to read if you want to learn some things about adding threads for data loading in the background. First, I'll setup a general applica…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question