q - is full trust required for sending SMTP messages within asp.net? q - does Winhost.com require any <mailSettings> within web.config? q - does Winhost.com require the NetworkCredential to be postmaster@domainName?
It depends on what component or application you are using. Regularly not. The ASP.Net method system.net.mail should work in medium trust. No, you can hard code the mail settings directly into the application, but bear in mind we do require SMTP authentication to be passed. As long as it is a valid POP3 account on our system it will work.
Ok, so here is my problem - I upgraded a site from ASP.NET 2.0 to ASP.NET 4.0. I changed the configuration of <mailSettings> within web.config to what I hoped would match the requirements of the Winhost.com SMTP server. Then I uploaded the site to a new account with Winhost.com. When I tried to send a message from http://daddis.net/contact-us.aspx, I got the following error: Server Error in '/' Application. ________________________________________ Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. … ________________________________________ Next, I removed the <mailSettings> from web.config and changed contact-us.aspx.cs to include the following: Code: using System.Net; using System.Net.Mail; private void SendMail() { MailMessage message = new MailMessage(); message.IsBodyHtml = false; message.From = new MailAddress(txtEmail.Text.Trim(), txtName.Text.Trim()); message.To.Add(new MailAddress(Globals.Settings.ContactForm.MailTo.Trim())); if (!string.IsNullOrEmpty(Globals.Settings.ContactForm.MailCC)) { message.CC.Add(new MailAddress(Globals.Settings.ContactForm.MailCC.Trim())); } message.Subject = string.Format(Globals.Settings.ContactForm.MailSubject.Trim(), txtSubject.Text.Trim()); message.Body = txtWebsite.Text.Trim() + " " + txtBody.Text.Trim(); SmtpClient smtp = new SmtpClient("mail.daddis.net"); try { NetworkCredential Credentials = new NetworkCredential("[email protected]", "xxxx"); smtp.Credentials = Credentials; smtp.Send(message); // redirect the user to the email confirmation page this.Response.Redirect("~/Email-Confirmation.aspx", true); //Exception contains information on each failed recipient } catch (SmtpFailedRecipientsException recExc) { // DEVNOTE: may be possible that some of the recipients succeeded and others failed for (int recipient = 0; recipient < recExc.InnerExceptions.Length - 1; recipient++) { SmtpStatusCode statusCode; //Each InnerException is an System.Net.Mail.SmtpFailed RecipientException statusCode = recExc.InnerExceptions[recipient].StatusCode; if ((statusCode == SmtpStatusCode.MailboxBusy) || (statusCode == SmtpStatusCode.MailboxUnavailable)) { //Log this to event log: recExc.InnerExceptions[recipient].FailedRecipient System.Threading.Thread.Sleep(5000); smtp.Send(message); } else { // // TODO: Log error: recExc.InnerExceptions[recipient].StatusCode or use statusCode // SendFailed(recExc.Message); } } } //General SMTP execptions catch (SmtpException smtpExc) { // TODO: Log error to event log using StatusCode information in //smtpExc.StatusCode SendFailed(smtpExc.Message); } catch (Exception ex) { // TODO: Log error to event log. SendFailed(ex.Message); } } private void SendFailed(string msg) { lblStatusOK.Visible = false; lblStatusKO.Visible = true; // TODO: log error throw new Exception(msg); } I am still getting the same error message: Server Error in '/' Application. ________________________________________ Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. Stack Trace: [SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.] System.Configuration.TypeUtil.GetTypeWithReflectionPermission(IInternalConfigHost host, String typeString, Boolean throwOnError) +669054 System.Configuration.RuntimeConfigurationFactory.Init(RuntimeConfigurationRecord configRecord, FactoryRecord factoryRecord) +25 System.Configuration.RuntimeConfigurationFactory.InitWithRestrictedPermissions(RuntimeConfigurationRecord configRecord, FactoryRecord factoryRecord) +90 System.Configuration.RuntimeConfigurationRecord.CreateSectionFactory(FactoryRecord factoryRecord) +58 System.Configuration.BaseConfigurationRecord.FindAndEnsureFactoryRecord(String configKey, Boolean& isRootDeclaredHere) +131 ________________________________________ Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1
This is a trust level error. Try setting the trust level on your application to a higher level. http://support.Winhost.com/KB/a657/changing-the-default-aspnet-trust-level.aspx
In my latest attempt, I stripped the try...catch block along with the exception processing code. Here is the latest version: Code: using System.Net; using System.Net.Mail; ... private void SendMail() { MailMessage message = new MailMessage(); message.IsBodyHtml = false; message.From = new MailAddress(txtEmail.Text.Trim(), txtName.Text.Trim()); message.To.Add(new MailAddress(Globals.Settings.ContactForm.MailTo.Trim())); if (!string.IsNullOrEmpty(Globals.Settings.ContactForm.MailCC)) { message.CC.Add(new MailAddress(Globals.Settings.ContactForm.MailCC.Trim())); } message.Subject = string.Format(Globals.Settings.ContactForm.MailSubject.Trim(), txtSubject.Text.Trim()); message.Body = txtWebsite.Text.Trim() + " " + txtBody.Text.Trim(); SmtpClient smtp = new SmtpClient("mail.daddis.net"); NetworkCredential Credentials = new NetworkCredential("[email protected]", "xxx"); smtp.Credentials = Credentials; smtp.Send(message); // redirect the user to the email confirmation page this.Response.Redirect("~/Email-Confirmation.aspx", true); } I am still getting the same trust-level error message, but I am not convinced that is the problem. I have used this code on several hosts in the past without having to elevate the trust level. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. Does the control panel have a tool that I can use to check the ACL assignments to my site's file system?
Did you change the trust level? I see this error mostly related to trust level and not the NTFS permission. Log into the server using IIS 7 Manager. Read this kb article. http://support.Winhost.com/KB/a628/using-the-microsoft-iis-70-manager.aspx Once you are connected, look for the button that is labeled Trust Level. Set the trust level to Medium, save it, then set it back to Full, then save it.