MAPI Evaluation Criteria
Topic Last Modified: 2008-08-07
MAPI can be used to access items and folders within public and private stores, as well as the properties stored along with each item. MAPI is used by various industry-standard e-mail clients, such as the Microsoft Exchange client, all versions of Microsoft Outlook, and Outlook Express. Developers can create clients that use MAPI, as well as MAPI servers and MAPI forms handlers. The information here only applies to MAPI client applications that access Exchange.
Caveats
MAPI is a mature mechanism used to access information in Exchange, and provides some capabilities available in no other API. However, MAPI does not work well outside an intranet, maintains an open connection for the duration of the MAPI session, and can be difficult to learn.
Functional Criteria
Criteria | Messaging Application Programming Interface (MAPI) |
---|---|
Application Domain |
Client applications that use MAPI access user mailbox and public folder information stored in Exchange, and user directory information stored in Active Directory. Client applications that use MAPI are typically e-mail clients and applications that require complex e-mail processing. |
Major Objects |
MAPI objects are all obtained through the IMAPISession object. The session object provides the client access to objects for working with MAPI profiles, status, message service provider administration, message store tables, and address books. The message store table contains objects for the message store, folders, messages, attachments, and recipients. The address book tables contain objects for messaging users and distribution lists. |
Data access model |
MAPI represents messages and users in hierarchical object fashion. |
Threading Models |
No specific threading prohibitions. However, applications that use free-threading should avoid sharing MAPI object instances among threads due to the high costs of marshalling the object. MAPI and MAPI service providers use free-threading. |
Application Architectures |
MAPI client applications are typically Windows forms-based client applications. However, N-tier applications can be written that use MAPI. |
Remote Usage |
MAPI uses Remote Procedure Calls (RPC) to communicate with the Exchange server. Typically RPC is intentionally blocked from passing through Internet firewalls. |
Transactions |
MAPI does not support transactions. |
Management Capabilities |
Information about this is not yet available here. |
Availability |
A MAPI stub currently ships with all versions of Windows. Microsoft Office installs its own MAPI subsystem when installing Outlook. No changes to MAPI are anticipated at this time. |
Development Criteria
Criteria | Messaging Application Programming Interface (MAPI) |
---|---|
Languages and Tools |
You can directly access MAPI only by using C or C++. |
Managed Implementation |
MAPI is an unmanaged component. Use of MAPI is not supported under the COM Interoperability layer of Visual Studio .NET and the .NET Framework. MAPI can be run on many 16- and 32-bit versions of Windows. |
Scriptable |
MAPI cannot be directly used in scripts. |
Test/Debug Tools |
No special debugging tools are needed to debug applications that use MAPI. |
Expert Availability |
Expert MAPI programmers can be difficult to find, and learning the technology can take a significant amount of time. In addition to the Microsoft communities, there are a relatively small number of high-quality third-party Web sites that provide helpful MAPI development information. |
Available Information |
Both Microsoft and third-party books describing MAPI programming are available. For more information about MAPI, see the MSDN Web site. |
Developer / Deployment Licensing |
No special licensing is required for developing by using MAPI. |
Security Criteria
Criteria | Messaging Application Programming Interface (MAPI) |
---|---|
Design-Time Permissions |
The developer must have permissions to access the data in the Exchange store. Exchange stores user and distribution list information in Active Directory, so developers who create MAPI client applications that access that information must have the ability to retrieve and set that information. |
Setup Permissions |
Setting up MAPI-based applications typically requires the user to be a local administrator, or to have rights to install software. |
Run-Time Permissions |
Running a MAPI-based application usually only requires that the user have sufficient permissions to access the data on the Exchange store. |
Built-in Security Features |
MAPI profiles can be password protected on most platforms. |
Security Monitoring Features |
Information about this is not yet available here. |
Deployment Criteria
Criteria | Messaging Application Programming Interface (MAPI) |
---|---|
Server Platform Requirements |
The Exchange servers on which user data is stored for users of the MAPI client application must be properly configured to allow access by MAPI clients. |
Client Platform Requirements |
The client application installer should verify that the proper version of MAPI is available on the computer, and that it is properly configured via the MAPISVC.INF file. |
Deployment Methods |
Applications that use MAPI can be deployed to client computers by using standard software distribution technologies. |
Deployment Notes |
The installer should verify that the correct version of MAPI is available. |