Sending Emails through PowerShell on a server

Question

I'm automating the sending of emails through a PowerShell script from a server. When I do, I get the following prompt:

A program is trying to access email address information stored in Outlook

When I look at the options in the Trust Center, I find that it's not able to monitor whether the antivirus is installed/expired/up-to-date.

Programmatic Access Security in Trust Center

I want to know whether the current chosen option (underlined in green) is functionally the same as the Not recommended option (underlined in red) due to the yellow highlighted prompt.

Answer 1

These options will not help to bridge the gap with security issues. I'd recommend suppressing such security warnings programmatically instead, or just avoiding them by using a low-level API which doesn't trigger security prompts:

1. Use third-party components for suppressing Outlook security warnings. See Security Manager for Microsoft Outlook for more information.

2. Use a low-level API instead of OOM - Extended MAPI which doesn't trigger such security prompts. Or any other third-party wrappers around that API, for example, Redemption.

3. Develop a COM add-in that has access to the trusted Application object.

4. Use group policy objects for setting up machines.

---

Another aspect is that Microsoft does not currently recommend, and does not support, Automation of Microsoft Office applications from any unattended, non-interactive client application or component (including ASP, ASP.NET, DCOM, and NT Services), because Office may exhibit unstable behavior and/or deadlock when Office is run in this environment.

If you are building a solution that runs in a server-side context, you should try to use components that have been made safe for unattended execution. Or, you should try to find alternatives that allow at least part of the code to run client-side. If you use an Office application from a server-side solution, the application will lack many of the necessary capabilities to run successfully. Additionally, you will be taking risks with the stability of your overall solution. Read more about that in the Considerations for server-side Automation of Office article.

Answer 2

Since Outlook wasn't able to check to see whether or not there was an active antivirus running I confirmed with my team that the anti-virus that was on the server would be automatically updated, funded by the company so that it wouldn't expire, and was installed. Therefore, the first and third options would be functionally the same. This is because whether or not the anti-virus program was running, Outlook wouldn't know and would put up the prompt to warn me that an outside program was attempting to use the inbox.

By choosing the third option, I was able to have the script run correctly without the need for a user to select "Allow" repeatedly on the resulting prompts.