Reputation: 63
How can I check if a mail has a valid digital signature?
I need to validate if an incoming mailitem is signed in Outlook 2010.
If a mailitem is not signed, it should be moved into a "NOSIG"-folder.
While researching, I found (and sort of confirmed) that Outlook 2010 modifies the MessageClass to "IPM.Note", so I tried to use the PropertyAccessor and read the Security-Flags.
Here's my code so far:
Sub TRCR(MAIL_ITEM As MailItem)
Dim PR_SECURITY_FLAGS As Integer
On Error Resume Next
'Security-Flags: 0=none, 1=encrypted, 2=signed, 3=both
PR_SECURITY_FLAGS = MAIL_ITEM.PropertyAccessor.GetProperty("http://schemas.microsoft.com/mapi/proptag/0x6E010003")
'Modulo because, sometimes the flags value is added to a multiple of 32... <unfortunately I lost the source>
If (PR_SECURITY_FLAGS > 32) Then PR_SECURITY_FLAGS = PR_SECURITY_FLAGS Mod 32
If PR_SECURITY_FLAGS = 2 Or PR_SECURITY_FLAGS = 3 Then
'Do all that fancy stuff I want to with that signed Mail
Else
MAIL_ITEM.Move Application.GetNamespace("MAPI").GetDefaultFolder(olFolderInbox).Folders.Item("NOSIG")
End If
End Sub
I use an Outlook rule to run that script on every incoming E-Mail.
It sometimes moves signed mails to the NOSIG folder.
In those cases, the PR_SECURITY_FLAGS were both at 0, before and after that Modulo-Codeline. So being 0, the script worked right but since the mail was signed, the flag shouldn't have been 0 but 2.
I resent the same signed mail dozens of times, just to always see the same thing happening. Most of them are treated correctly while a few always appeared to show the flag 0 instead of 2 while they were signed.
I tried to pause the script for 1-5 seconds with Application.Wait Now + TimeSerial(0, 0, 1) thinking that the script may be too fast for the PropertyAccessor or something, but the pause didn't work. (I couldn't "feel" that five seconds delay while processing multiple mails.)
I start to think that it is an Outlook problem (maybe manipulating Security-Flags similar to MessageClass but not every time).
Upvotes: 2
Views: 883
Answers (1)
Reputation: 66306
PR_SECURITY_FLAGS is only set on the outgoing messages to tell Outlook to encrypt the message when it is actually sent. It will not be present on the incoming messages - take a look at the messages with OutlookSpy (I am its author - click IMessage button).
For the incoming messages, you'd think you could check the MessageClass property and see if it is "IPM.Note.SMIME.MultipartSigned", but OOM tries real hard to represent signed and encrypted messages as the regular IPM.Note messages. You would have to either bypass OOM completely and use Extended MAPI (C++ or Delphi only) or you can use Redemption (any language, including VBA, I am its author). Something like the following would let you check the real message class:
set Session = CreateObject("Redemption.RDOSession")
Session.MAPIOBJECT = Application.Session.MAPIOBJECT
set SourceMsg = Session.GetRDOObjectFromOutlookObject(MAIL_ITEM , true)
MsgBox SourceMsg.MessageClass
Upvotes: 2
Related Questions
- Inserting Signature into Outlook email from Excel VBA
- Sending Outlook mail with signature using Excel VBA
- How to know if attachment is a signature in an Outlook email
- Check if email is digitally signed using VB.Net
- Adding signature to an automated outlook mail
- VBA Detect if an e-mail in editing mode has a signature included?
- VBA Email Signature Code Proof
- Making Outlook Recognize My Digitally Signed Email
- Check if a Outlook Mail (*.msg) is Digitaly Signed or Encrypted
- How to detect whether Outlook digitally signs an email by default?