Outlook: Other Security-Related Registry Settings
Learn about several other registry settings that can tighten security for your Outlook system.
February 23, 2003
What other security-related registry settings does Outlook 2002 support?
If you need to send a message by using a digital certificate that doesn't match your email address, you can change the HKEY_CURRENT_USERSoftwareMicrosoftOffice10.0OutlookSecurity registry subkey's SupressNameChecks entry of type REG_DWORD. Set the entry value to 1 to stop Outlook from trying to match your email address with your security certificate. For more information about this change, see the Microsoft article "OL2002: How to Turn Off E-mail Matching for Certificates" (http://support.microsoft.com/?kbid=276597).
When you open an attachment from a mail message, Outlook copies the file to a system folder, then opens the copy. By default, Outlook generates a random folder name and creates that folder in the Temporary Internet Files folder. To create these temporary attachment copies elsewhere on the system, enter a new path as the value for the OutlookSecureTempFolder entry in the HKEY_CURRENT_USERSoftwareMicrosoftOffice10.0OutlookSecurity subkey.
If you permit POP, IMAP, or HTTP accounts, you might want to disable password caching to disk. In the HKEY_CURRENT_USERSoftwareMicrosoftOffice10.0OutlookSecurity subkey, create a REG_DWORD entry named EnableRememberPwd and set its value to 0. For more information about this change, see the Microsoft article "OL2002: Disabling Password Caching for Internet Protocols" (http://support.microsoft.com/?kbid=299377).
Outlook 2002 Service Pack 1 (SP1) and later let you disable HTML message content to thwart many spammers and avoid dangers from as yet unknown Microsoft Internet Explorer (IE) vulnerabilities. To the HKEY_CURRENT_USERSoftwareMicrosoftOffice10.0OutlookOptionsMail subkey, add a REG_DWORD entry named ReadAsPlain and set its value to 1. After you restart Outlook, all messages that aren't digitally signed or encrypted appear in plaintext format. For more information about this change, see the Microsoft article "OL2002: Users Can Read Nonsecure E-mail as Plain Text" (http://support.microsoft.com/?kbid=307594).
To ensure that Outlook overwrites deleted information from a Personal Folders (.pst) file or an offline folders (.ost) file when you shut down Outlook, add a REG_DWORD entry named PSTNullFreeOnClose with a value of 1 to the HKEY_CURRENT_USERSoftwareMicrosoftOffice10.0OutlookPST subkey. For more information about this change, see the Microsoft article "OL2000: New Outlook 2000 Feature Removes Deleted Data from .pst and .ost Files" (http://support.microsoft.com/?kbid=245776).
About the Author
You May Also Like