I am implementing some code in Excel with VBA and my IT guy is concerned
that using CDO to send an email may open us up to security vulnerabilities.

Has anyone had any experience with this or know if the same security applies
to CDO as to Outlook? (not that he believes Outlook to be secure... but...)

Yes, it does. You might use the Redemption instead: www.dimastr.com

--
Viele Gruesse / Best regards
Michael Bauer - MVP Outlook
Organize eMails:
http://www.vboffice.net/product.html?id=2006063&cmd=detail&lang=en&pub=6

Am Wed, 18 Jul 2007 14:08:07 -0700 schrieb David Mullins:

I am implementing some code in Excel with VBA and my IT guy is concerned
that using CDO to send an email may open us up to security
vulnerabilities.

Has anyone had any experience with this or know if the same security
applies
to CDO as to Outlook? (not that he believes Outlook to be secure...
but...)

Thanks, Michael! Are you saying there are vulnerabilities using CDO or that
the security is too restricting?

Dave

"Michael Bauer [MVP - Outlook]" wrote in message
...


Yes, it does. You might use the Redemption instead: www.dimastr.com

--
Viele Gruesse / Best regards
Michael Bauer - MVP Outlook
Organize eMails:

http://www.vboffice.net/product.html?id=2006063&cmd=detail&lang=en&pub=6

Am Wed, 18 Jul 2007 14:08:07 -0700 schrieb David Mullins:

I am implementing some code in Excel with VBA and my IT guy is concerned
that using CDO to send an email may open us up to security
vulnerabilities.

Has anyone had any experience with this or know if the same security
applies
to CDO as to Outlook? (not that he believes Outlook to be secure...
but...)

Seems that I didn't understand your question the first time. If you're
talking about CDO 1.21 then it doesn't matter whether you're automating
Outlook directly or via CDO. And if Outlook is installed and configured then
I can't imagine that it should be more unsecure to use it.

What I was talking about is the security feature that applies to both: When
you try to send an e-mail or access one of the blocked properties (like
e-mail addresses) from a outside of Outlook then a message box pops up. To
avoid that I recommended the Redemption.

--
Viele Gruesse / Best regards
Michael Bauer - MVP Outlook
Organize eMails:
http://www.vboffice.net/product.html?id=2006063&cmd=detail&lang=en&pub=6

Am Thu, 19 Jul 2007 09:39:05 -0700 schrieb David Mullins:

Thanks, Michael! Are you saying there are vulnerabilities using CDO or
that
the security is too restricting?

Dave

"Michael Bauer [MVP - Outlook]" wrote in message
...


Yes, it does. You might use the Redemption instead: www.dimastr.com

--
Viele Gruesse / Best regards
Michael Bauer - MVP Outlook
Organize eMails:


http://www.vboffice.net/product.html?id=2006063&cmd=detail&lang=en&pub=6

Am Wed, 18 Jul 2007 14:08:07 -0700 schrieb David Mullins:

I am implementing some code in Excel with VBA and my IT guy is concerned
that using CDO to send an email may open us up to security
vulnerabilities.

Has anyone had any experience with this or know if the same security
applies
to CDO as to Outlook? (not that he believes Outlook to be secure...
but...)

Thanks! I am just automating an Excel ss so that when something is
received or ready to ship, it sends out a quick message alerting the
appropriate people. Seems to be working so far, but our IT guy
(anti-Windows everything) is leery about security.

Michael Bauer [MVP - Outlook] wrote:

Seems that I didn't understand your question the first time. If you're
talking about CDO 1.21 then it doesn't matter whether you're automating
Outlook directly or via CDO. And if Outlook is installed and configured then
I can't imagine that it should be more unsecure to use it.

What I was talking about is the security feature that applies to both: When
you try to send an e-mail or access one of the blocked properties (like
e-mail addresses) from a outside of Outlook then a message box pops up. To
avoid that I recommended the Redemption.

I don't think I understand your IT guy: how exactly would it be a security
risk if your custom script uses CDO which is already installed and you are
not installing any additional software?
I have a pretty wild imagination, but I just can't come up with a scenatio
that can even remotely be considered a security risk.

Dmitry Streblechenko (MVP)
http://www.dimastr.com/
OutlookSpy - Outlook, CDO
and MAPI Developer Tool

"Davideo" wrote in message
...
Thanks! I am just automating an Excel ss so that when something is
received or ready to ship, it sends out a quick message alerting the
appropriate people. Seems to be working so far, but our IT guy
(anti-Windows everything) is leery about security.

Michael Bauer [MVP - Outlook] wrote:

Seems that I didn't understand your question the first time. If you're
talking about CDO 1.21 then it doesn't matter whether you're automating
Outlook directly or via CDO. And if Outlook is installed and configured
then
I can't imagine that it should be more unsecure to use it.

What I was talking about is the security feature that applies to both:
When
you try to send an e-mail or access one of the blocked properties (like
e-mail addresses) from a outside of Outlook then a message box pops up.
To
avoid that I recommended the Redemption.

Ha! He is anti Microsoft everything and his biggest basis for this is
"Windows has too many security issues." Outlook, included, in his book.
So, theoretically, if I am using some non-secure way to access Outlook
features then it would be no problem for some adware, virus, or
unscrupulous internet predator to see that going on and tap into my
computer to start sending spam or flooding us with pop-ups.

That's what HE says. I really don't see how, but he's the boss. Anyway,
we agreed for me to use it for a few days and see if anything "pops up!"

Dmitry Streblechenko wrote:
I don't think I understand your IT guy: how exactly would it be a security
risk if your custom script uses CDO which is already installed and you are
not installing any additional software?
I have a pretty wild imagination, but I just can't come up with a scenatio
that can even remotely be considered a security risk.

Dmitry Streblechenko (MVP)
http://www.dimastr.com/
OutlookSpy - Outlook, CDO
and MAPI Developer Tool

"Davideo" wrote in message
...
Thanks! I am just automating an Excel ss so that when something is
received or ready to ship, it sends out a quick message alerting the
appropriate people. Seems to be working so far, but our IT guy
(anti-Windows everything) is leery about security.

Michael Bauer [MVP - Outlook] wrote:
Seems that I didn't understand your question the first time. If you're
talking about CDO 1.21 then it doesn't matter whether you're automating
Outlook directly or via CDO. And if Outlook is installed and configured
then
I can't imagine that it should be more unsecure to use it.

What I was talking about is the security feature that applies to both:
When
you try to send an e-mail or access one of the blocked properties (like
e-mail addresses) from a outside of Outlook then a message box pops up.
To
avoid that I recommended the Redemption.