dealing with Outlook (fwd)

[Justin Mason <jm...@jmason.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


FYI for anyone who's thinking of working with Outlook at the plugin/pst
level; spambayes have done the legwork ;)

- --j.

- ------- Forwarded Message
> Date:    Thu, 12 Aug 2004 14:09:07 -0500
> From:    "Seth Goodman" <se...@GoodmanAssociates.com>
> To:      <sp...@lists.abuse.net>
> Subject: Re: [spamtools] Constructing whitelists? 
> 
>  From: Ronald F. Guilmette
>  Sent: Thursday, August 12, 2004 1:21 PM
> 
> <...>
> 
>  There's no problem at all with that idea.  The only problem
>  is that with respect to the Outlook personal address list
>  and its contents, I have the same exact problem as I
>  originally stated I had for the Outlook `Sent' folder,
>  i.e. I have no idea of its internal format, and also, I am
>  not aware of any open source software tools to read and
>  decode those address book files.  So if anybody knows of
>  any open source tool which can perform THIS job, I would
>  very much like to be informed about that also.
> 
> open source != MS
> 
> Good luck on that one.
> 
>  >This feature was apparently added for the convenience
>  >of virus writers, who it appears were one of the key groups
>  >that set the design requirements for this product,
> 
>  Good point.
> 
>  So if I want source code for a software tool that can extract
>  addresses from a personal Outlook address book, I guess that
>  I should just go out and hire a virus writer!  Hummm.
>  I would have no problem with that.  At least this would give
>  them some honest work for a change... keeping them
>  off the streets and out of trouble for a short while.
> 
>  So now, where does one post a `HELP WANTED' ad for a virus writer?
> 
> They probably know more about the innards of Outlook than Microsoft
> does.  I really like the idea of hiring a virus writer for honest work,
> but I'd still watch my back.  You can take the boy out of the city ...
> You've really hit on a great idea, though.
> 
> If you want some guidance on the undocumented guts of Outlook, try Mark
> Hammond at the Spambayes project.  He was the lead in taking their (open
> source) Bayesian filter (Python for both 'nix and 'doze) and integrating
> it with Outlook.  Prior to that, and for all other mail clients,
> Spambayes used a browser-based interface.  IMHO, the integration job was
> very well done.  The project is open source, so you can see how they
> dealt with Outlook's non-standard (surprise!) message store.  As part of
> the MS insecurity through obscurity program, Outlook destroys all the
> MIME armor of a message before storing it in non-RFC2822 format, leaving
> you to guess what it previously looked like.  The Spambayes crowd has
> developed standalone utilities for exporting an Outlook message store
> into normal mbox files, which does the guessing for you.  At the very
> least, looking at their code will show you what you're up against.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh CVS

iD8DBQFBG9QwQTcbUG5Y7woRAlubAJ9V1+dEDqNLCdU0bBxi8rXifzoeAQCgrfLv
dZsjmrt0GvUBMqvSUiNRo7M=
=bxOf
-----END PGP SIGNATURE-----

Re: dealing with Outlook (fwd)

[Loren Wilton <lw...@earthlink.net>]

> FYI for anyone who's thinking of working with Outlook at the plugin/pst
> level; spambayes have done the legwork ;)

In fact there at least a handful of PST readers (and some writers) available
if you look around.  Of varying quality and cost of course, with no direct
correlation between those two variables.

Interfacing to Outlook (but NOT OE) at the UI level is actually tollerably
well documented and MS provides a toolkit of sorts, and it is really not a
whole lot more arcane and baroque and convoluted than anything else in
Windoze (ie: it is incredibly bizarre and arcane, but there are people that
understand how to write that stuff).

Interfacing to OE at the UI level (like to add buttons for classifying spam
and ham) IS possible, but is *incredibly* arcane.  It basically requires
going in and subclassing the window and stealing the message loop to process
your own controls.

If anyone is interested in doing this, look at the PGP source, which is free
if you get an older version.  They have nicely integrated their stuff with
OE, including snarfing the message source, en/decrypting it, adding buttons,
and all manner of good stuff that would be very nice for a spam interface.

I considered this once, but after looking at the code I had stomache
problems for a week, and decided to work on something else...

        Loren