Saturday, May 14, 2011

Sending a message with a classification in EWS in C# and Powershell

Message classifications have been around since Exchange 2007 and are a feature of Exchange that allows you to setup your email system to add classification to messages to comply with e-mail policies and regulatory responsibilities that Governments and other bodies may require of an organization. If you want to set a message classification on a Message your sending pro-grammatically via EWS you need to first find out what the GUID of the classification you want to set is. There are a few ways of doing this the easiest is using the Get-MessageClassification cmdlet http://technet.microsoft.com/en-us/library/aa996911.aspx the value you will need for your app or script is the ClassificationID which represents the PidLidClassificationGuid Mapi property which if you’re playing around with Transport Agents this gets converted into the x-ms-exchange-organization-classification x-header. You can also grab it out of your classification xml file if you have deployed it to Outlook.

All the properties that relate to classification are documented in http://msdn.microsoft.com/en-us/library/ee217686%28v=EXCHG.80%29.aspx. At the most basic level if you want to set a classification on a message your sending you need to set the following two properties on that message.

PidLidClassificationGuid which you set to the GUID of the classification you want applied to the message

PidLidClassified which is a Boolean that tells the Exchange this message is classified.

With the EWS Managed API in C# this look like

EmailMessage emEmailMessage = new EmailMessage(service);
emEmailMessage.ToRecipients.Add("user@domaim.com");
emEmailMessage.Subject = "test Classify";
emEmailMessage.Body = new MessageBody("test");
ExtendedPropertyDefinition PidLidClassificationGuid = new ExtendedPropertyDefinition(DefaultExtendedPropertySet.Common, 34232, MapiPropertyType.String);
emEmailMessage.SetExtendedProperty(PidLidClassificationGuid, "e67e794b-f6d1-4c8f-9f63-1118d21dafa6");
ExtendedPropertyDefinition PidLidClassified = new ExtendedPropertyDefinition(DefaultExtendedPropertySet.Common,34229, MapiPropertyType.Boolean);
emEmailMessage.SetExtendedProperty(PidLidClassified, true);
emEmailMessage.SendAndSaveCopy();

In Powershell it looks like

$MailboxName = "user@domain.com"
$dllpath = "C:\Program Files\Microsoft\Exchange\Web Services\1.1\Microsoft.Exchange.WebServices.dll"
[void][Reflection.Assembly]::LoadFile($dllpath)
$service = New-Object Microsoft.Exchange.WebServices.Data.ExchangeService([Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2010)
#$service.Credentials = New-Object System.Net.NetworkCredential("glen@domain.com","password")
$service.AutodiscoverUrl($MailboxName,{$true})
$message = New-Object Microsoft.Exchange.WebServices.Data.EmailMessage($service)
$message.Subject = "Test"
$message.Body = "Test 123"
$message.ToRecipients.Add("user@domain.com")
$PidLidClassificationGuid = New-Object Microsoft.Exchange.WebServices.Data.ExtendedPropertyDefinition([Microsoft.Exchange.WebServices.Data.DefaultExtendedPropertySet]::Common, 34232,[Microsoft.Exchange.WebServices.Data.MapiPropertyType]::String);
$message.SetExtendedProperty($PidLidClassificationGuid, "e67e794b-f6d1-4c8f-9f63-1118d21dafa6");
$PidLidClassified = New-Object Microsoft.Exchange.WebServices.Data.ExtendedPropertyDefinition([Microsoft.Exchange.WebServices.Data.DefaultExtendedPropertySet]::Common,34229,[Microsoft.Exchange.WebServices.Data.MapiPropertyType]::Boolean);
$message.SetExtendedProperty($PidLidClassified, $true);
$message.Send.Invoke()

2 comments:

Anonymous said...

Enjoyed your post.

Is there a way to create an e-mail for the current logged in user without having to pass the password?

Glen said...

Exchange Web Services because it accesses a Mailbox will always need some sort of security context. eg if you want to send mail as fred smith you will need to have freds credentials or be granted rights to sendas fred or have EWS Impersonation rights for Fred

An alternative would be SMTP relay which doesn't require any permissions as such

Cheers
Glen