The Outlook Security protection dates back to year 2000. The "I Love You" and "Melissa" viruses had just caused havoc all over the globe. Using the Outlook Object Model (OOM) the viruses spread by sending copies to all address book contacts.
Microsoft was under great pressure. The same Outlook extensibility used by various legitimate applications was also providing a window for virus distribution. Thus the Outlook Security update was born in May 2000 locking down these interfaces. This was made available as a patch for Outlook 98 and Outlook 2000. Thereafter it was included out-of-the-box with the Outlook releases that followed.
I am sure many of you have seen this dialog:
It alerts the user that an application is about to access the address book. The warning is part of the OOM lockdown protecting against automated address book access and email submission. The lockdown also blocked access to certain email attachment types such as executables and batch files. Finally it also raised the default internet security zone setting, restricting internet access through Outlook.
Whereas the update did a fine job in most cases, the lockdown did (and still does) interfere with the legitimate use of Outlook. Most commonly some users require access to blocked attachment types or need to use applications that collide with the OOM warnings. As an example, one such application is the MS Word Mail Merge functionality. On the other hand some want tighter security. Restricting access to more attachment types is often the most common requirement.
Configuring the Outlook Security functionality is what normally leaves administrators down. The solution provided to Exchange organizations is certainly not administrator friendly and is to say the least patchy. To begin with an administrator is required to manually perform these steps:
- Download and copy AdmPack patch files
- Register COM objects
- Create a public folder and configure access permissions
- Install a Custom Outlook Form
- Perform a registry tweak on each client machine requiring customized Outlook security
Once all of this is done, through the form, the Outlook Security functionality may be configured. This is certainly not what an Administrator expects from Exchange, the leading enterprise email server.
Microsoft made available this administrative patch from the Office XP Resource Kit download page. From here you can download the 'Outlook Security Features Administrative Package' Admpack.exe. The package contains all necessary files including readme.doc which takes you through the steps required to install the patch and configure the customized security settings.
Once you go through this procedure you are likely to join the club of those wondering how come a decent administrative interface is not available. So here comes the good news! With the upcoming Outlook 2007 the security settings are configurable through Group Policy. Using Group Policy also means these settings won't be tied to Exchange any longer.
It took us a long time to get to here. Finally here is a solution that will ultimately enable us to forget of AdmPack.
References
Microsoft to Deliver Major Outlook Security Solution To Help Protect Customers Against Computer Viruses
Office XP Resource Kit