cancel
Showing results for 
Search instead for 
Did you mean: 

Sending Secure/Encrypted Email

JeffreyMcCormic
Level 4
Is it possible for BluePrism to utilize sending secure/encrypted email using a plugin such as Entrust using the built-in VBO or other methods?  Or would the process need to work within Outlook directly?
7 REPLIES 7

ParasPabari
Level 3
I was exploring use of reading encrypted email. Just wanted to check if you have found any solution to it.

------------------------------
Paras Pabari
RPA Lead
America/New_York
------------------------------

To all community member

I am also looking for solution(in term of VBO not for any setting in outlook) to read encrypted mail in Outlook. Is graph API is capable of doing this?

Legality can be another issue that bot should not allowed to read encrypted mail but still need a solution


------------------------------
Neeraj Kumar
Technical Architect
------------------------------

Hi @Neeraj Kumar,

Have you tried setting the Sensitivity input value when you call Send Email on the Outlook VBO?

Cheers,
​

------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------

Hi @Neeraj Kumar,

Did you try .Net code to read the encrypted email in Outlook?​

------------------------------
Arika Jatwani Process Manager
------------------------------

Thanks a lot for your suggestions.

@ArikaJatwani - Do we have to pass the password in .net code to open the encrypted mails or there will be another approach to this.

BR//
Neeraj Kumar.​

------------------------------
Neeraj Kumar
Technical Architect
------------------------------

@Neeraj Kumar,

The encryption/decryption of emails should be handled by Outlook/Exchange itself as opposed to you doing it yourself. Refer to this article at Microsoft:

https://docs.microsoft.com/en-us/archive/blogs/dvespa/how-to-sign-or-encrypt-a-message-programmatically-from-oom

You should be able to extend the Outlook VBO to use the method described in that article to implement support for encryption and/or signing of outbound emails. I would suggest creating a copy of the Send Email action and make changes to it.

Cheers,
​

------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------

@Neeraj Kumar,

I've looked into this a bit more. Creating an encrypted email in Outlook is pretty easy when you do it manually via the UI, but apparently Microsoft never really considered people would want to do this programmatically. 🤦‍♂️ Below is some code you can add to the Send Email action of the Outlook VBO that should allow you to do this though:

Const PR_SECURITY_FLAGS As String = "http://schemas.microsoft.com/mapi/proptag/0x6E010003"

' Check flags for Encryption and Signing.
If (Encrypt_Message) And (Sign_Message) Then 
	mail.PropertyAccessor.SetProperty(PR_SECURITY_FLAGS, &H3)
ElseIf (Encrypt_Message) Then
	mail.PropertyAccessor.SetProperty(PR_SECURITY_FLAGS, &H1)
ElseIf (Sign_Message) Then
	mail.PropertyAccessor.SetProperty(PR_SECURITY_FLAGS, &H2)
End If
​

There are a few things to be aware of though:

  • There are other examples on the internet that show this is a slightly cleaner fashion. In those cases they are performing a bitwise OR of any existing value of the PR_SECURITY_FLAGS property and the new value. That's all well and good, but my testing in v6.10.4 shows that when you try to pass any sort of VB variable into the SetProperty call results in a Type Mismatch exception. That's why I have 3 separate lines that basically do the same thing just with a different hardcoded value at the end. I tried using variables of type Long, Integer, UInteger, ULng, Int16, Int32, Object, and String. None of them worked. 🤷‍♂️
  • The code above expects that you'll define two input variables on the Send Email action called Encrypt Message and Sign Message, and those will be passed into the Code stage.
  • VERY IMPORTANT: If you make this change and you call the action on a runtime resource who's Outlook installation has NOT been previously configured to support sending emails with encryption and signing, a pop-up will show up that will block the BP process from moving ahead. The pop-up is basically a message stating that the Outlook client has not been configured with a proper Digital ID certificate that can be used for encryption and/or signing. At that point all you can do is click the OK button on the dialog to dismiss it. When you do that, you'll receive an exception in the Code stage stating that the action was aborted.
Cheers,


------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------