How to decrypt and un-sign a message programmatically using the OOM No ratings yet.


This blog post demonstrates how to decrypt and un-sign a message programmatically using the Outlook Object Model.


Encrypt email messages

When you need to protect the privacy of an email message, encrypt it. Encrypting an email message in Outlook means it’s converted from readable in plain text into scrambled cipher text. Only the recipient who has the private key that matches the public key used to encrypt the message can decipher the message for reading. Any recipient without the corresponding private key, however, sees the indecipherable text.


Secure messages by using a digital signature

A digital signature attached to an email message offers another layer of security by providing assurance to the recipient that you – not an imposter – signed the contents of the email message. Your digital ID serves as your unique digital mark and signals the recipient that the content hasn’t been altered in transit.


How it works

The Microsoft Outlook Object Model does not provide direct support to decrypt or un-sign mail messages programmatically. However, you can create a solution that automatically decrypts and/or un-signs mail messages.

This solution consists on using the PropertyAcessor Object to set the MAPI Property PR_SECURITY_FLAGS In our demo we are stripping down the message from the encryption and sign flags by setting the PR_SECURITY_FLAGS property value to zero.


//If the message is either encrypted or signed, move a copy of the mailItem to the deleted items folder to decrypt and save to disk

MailItem mailItem = (selObject as MailItem);

MAPIFolder destFolder = (MAPIFolder)application.ActiveExplorer().Session.GetDefaultFolder(OlDefaultFolders.olFolderDeletedItems);

if ((int)GetExtendedPropertyValue(mailItem, prop) > 0)


       MailItem mailItemCopy = CopyMailItem(mailItem, destFolder);

       SetExtendedPropertyValue(mailItemCopy, prop, 0);

       if (saveItemFile(mailItemCopy, "(Decrypted)" + mailItemCopy.Subject.ToString()))


              MessageBox.Show("Operation Completed", "INFORMATION", MessageBoxButtons.OK, MessageBoxIcon.Information);


       //Release COM Objects


       mailItemCopy = null;


//Release COM Objects


mailItem = null;


destFolder = null;


The sample VSTO add-in checks if a message has any flags, encrypted or signed, then copies the message and moves the copy to the Deleted Items Folder to decrypt and un-sign thereby not touching the original message. Afterword’s it will export the decrypted and un-signed copy of the message to a disk file.


You can setup the following values for the PR_SECURITY_FLAGS property:

Message has no security
Message is encrypted
Message is signed
Message is signed and encrypted


Download the add-in solution here



PropertyAccessor Object (Outlook)

How to sign or encrypt mail messages programmatically

Encrypt email messages

Secure messages by using a digital signature


Change Log

Date Author Type Description
2018-12-12 Pedro Tomás e Silva Original

Please rate this


Leave a Reply

Your email address will not be published. Required fields are marked *