INSTALLATION AND CONFIGURATION MANUAL EMAILENCODER

Similar documents
Click Studios. Passwordstate. Upgrade Instructions to V7 from V5.xx

Perceptive Intelligent Capture Solution Configration Manager

metaengine DataConnect For SharePoint 2007 Configuration Guide

ScanJour PDF 2014 R8. Configuration Guide

FrontDesk. (Server Software Installation) Ver

Cache Configuration Reference

JISIS and Web Technologies

To install Multifront you need to have familiarity with Internet Information Services (IIS), Microsoft.NET Framework and SQL Server 2008.

RMCS Installation Guide

Published. Technical Bulletin: Use and Configuration of Quanterix Database Backup Scripts 1. PURPOSE 2. REFERENCES 3.

Installing the ASP.NET VETtrak APIs onto IIS 5 or 6

Sitecore Security Hardening Guide

EPiServer Operator's Guide

Release Notes: J-Web Application Package Release 15.1A1 for Juniper Networks EX Series Ethernet Switches

Click Studios. Passwordstate. Installation Instructions

Using LDAP for User Authentication

Using LDAP for User Authentication

Configuring Microsoft Internet Information Service (IIS6 & IIS7)

Wakanda Studio Features

Sitecore Ecommerce Enterprise Edition Installation Guide Installation guide for administrators and developers

Web Development. Owen Sacco. ICS2205/ICS2230 Web Intelligence

Kiwi Syslog Web Access SolarWinds, Inc.

Cyclope Internet Filtering Proxy. - Installation Guide -

MSOW. MSO for the Web MSONet Workstation Configuration Guide

4.2 Understand Microsoft ASP.NET Web Application Development

CREATE A CUSTOM THEME WEBSPHERE PORTAL

Access It! Universal Web Client Integration

Dashboard Skin Tutorial. For ETS2 HTML5 Mobile Dashboard v3.0.2

IceWarp to IceWarp Server Migration

Administrator's Guide

Ingenious Testcraft Technical Documentation Installation Guide

SafeGuard Enterprise Web Helpdesk. Product version: 6.1

Fusion Installer Instructions

Create Signature for the Scott County Family Y

Xtreeme Search Engine Studio Help Xtreeme

Adding ELMAH to an ASP.NET Web Application

Web Testing. Main Concepts of Web Testing. Software Quality Assurance Telerik Software Academy

TARGETPROCESS INSTALLATION GUIDE

1/4/12 Installing and Configuring WebDAV on IIS 7 : WebDAV for IIS 7.0 : Publishing Content to Web Sites : T

McAfee One Time Password

ConvincingMail.com Marketing Solution Manual. Contents

versasrs HelpDesk quality of service

This course provides students with the knowledge and skills to develop ASP.NET MVC 4 web applications.

OTP Server. Integration module. Nordic Edge AD Membership Provider for Microsoft ASP.NET. Version 1.0, rev. 6. Nordic Edge

Citrix StoreFront. Customizing the Receiver for Web User Interface Citrix. All rights reserved.

System Administration Training Guide. S100 Installation and Site Management

Customer Tips. Xerox Network Scanning HTTP/HTTPS Configuration using Microsoft IIS. for the user. Purpose. Background

Taleo Enterprise. Career Section Branding Definition. Version 7.5

multiple placeholders bound to one definition, 158 page approval not match author/editor rights, 157 problems with, 156 troubleshooting,

Ekran System Help File

Administrator s Guide

Analytics Configuration Reference

Creating a Resume Webpage with

Installing Autodesk Vault Server 2012 on Small Business Server 2008

Short notes on webpage programming languages

Desktop Surveillance Help

Saving work in the CMS Edit an existing page Create a new page Create a side bar section... 4

Sitecore Dynamic Links

32-Bit Workload Automation 5 for Windows on 64-Bit Windows Systems

Installation & User Guide

TIBCO Spotfire Web Player 6.0. Installation and Configuration Manual

Administrator's Guide

SelectSurvey.NET Developers Manual

Webapps Vulnerability Report

Secure Messaging Server Console... 2

FileMaker Server 15. Custom Web Publishing Guide

Developer Tutorial Version 1. 0 February 2015

INSTALLATION GUIDE V2.1 (DRAFT)

TIBCO Spotfire Automation Services Installation and Configuration

Entrust Managed Services PKI Administrator s Quick Start Guide

Web Security School Final Exam

Using Logon Agent for Transparent User Identification

FileMaker Server 11. FileMaker Server Help

Identikey Server Windows Installation Guide 3.1

SafeGuard Enterprise Web Helpdesk. Product version: 6 Document date: February 2012

FileMaker Server 9. Custom Web Publishing with PHP

WebSpy Vantage Ultimate 2.2 Web Module Administrators Guide

Xerox Multifunction Devices. Verify Device Settings via the Configuration Report

Web Portal User Guide. Version 6.0

Sophos Mobile Control Installation guide. Product version: 3

Entrust Managed Services PKI Administrator Guide

X-POS GUIDE. v3.4 INSTALLATION SmartOSC and X-POS

AD Phonebook 2.2. Installation and configuration. Dovestones Software

Notes on how to migrate wikis from SharePoint 2007 to SharePoint 2010

Installation Guide for Pulse on Windows Server 2012

Installation and configuration guide Installation & Configuration guide

Advantage for Windows Copyright 2012 by The Advantage Software Company, Inc. All rights reserved. Client Portal blue Installation Guide v1.

Novell ZENworks 10 Configuration Management SP3

Novell Identity Manager

User guide. Business

Acano solution. Acano Manager R1.1 FAQs. Acano. December G

c360 Portal Installation Guide

Click Studios. Passwordstate. Installation Instructions

Cascaded Lookup 5.0 User Guide

How to test and debug an ASP.NET application

Tenrox. Single Sign-On (SSO) Setup Guide. January, Tenrox. All rights reserved.

How To Test Your Web Site On Wapt On A Pc Or Mac Or Mac (Or Mac) On A Mac Or Ipad Or Ipa (Or Ipa) On Pc Or Ipam (Or Pc Or Pc) On An Ip

Further web design: HTML forms

Richmond SupportDesk Web Reports Module For Richmond SupportDesk v6.72. User Guide

Transcription:

INSTALLATION AND CONFIGURATION MANUAL EMAILENCODER P R O F E S S I O N A L S O F T W A R E E N G I N E E R I N G Meridium AB 1 (19) 1(19)

CONTENTS 1 INTRODUCTION... 4 1.1 How does it work?... 4 1.2 Browser software supported... 4 1.3 Server software supported... 4 1.4 Web Accessibility Initiative (WAI) support... 4 2 INSTALLATION... 5 2.1 Installation Step 1 Choose web server... 5 2.2 Installation Step 2 Choose license file... 6 2.3 Installation Step 3 - Finish... 6 3 CONFIGURATION... 7 3.1 ConfigSections... 7 3.2 Http Modules... 7 3.3 Http Handlers... 7 3.4 EmailEncoderModule section... 8 3.4.1 Activate loose mailto filtering... 8 3.4.2 Activate loose callto filtering... 8 3.4.3 Activate strip not filtered mailto... 8 3.4.4 Activate strip not filtered callto... 9 3.4.5 Disable paths (start) for EmailEncoder... 9 3.4.6 Disable files/types for EmailEncoder... 10 3.4.7 Disable sessions for EmailEncoder... 10 3.4.8 Disable query string parameters for EmailEncoder... 11 3.4.9 Set alt text on mailto text-images... 11 3.4.10 Set alt text on callto text-images... 11 3.4.11 Force Content Encoding... 11 3.4.12 Email encoding modes... 12 3.4.13 Activate encoding on cached pages... 12 3.4.14 Add title to mailto links... 12 3.4.15 Disable encoding for authenticated users... 13 3.4.16 Control css style of generated image tags... 13 3.4.17 Control css class of generated image tags... 13 3.4.18 Log file... 13 3.4.19 Continue on error... 14 3.5 Embedded Handler section... 15 Meridium AB 2 (19) 2(19)

3.5.1 Set font for mailto text-images... 15 3.5.2 Set text color for mailto text-images... 15 3.5.3 Set background color for mailto text-images... 15 3.5.4 Set mailto text-images cache... 16 4 EPISERVER CONFIGURATION... 17 4.1.1 Activate strip not filtered mailto... 17 4.1.2 Disable paths for EmailEncoder... 17 4.1.3 Disable encoding for authenticated users... 17 5 UNINSTALLATION... 18 5.1 Disabling EmailEncoder... 18 5.2 Full uninstallation... 18 5.2.1 Remove configuration entries in the web.config file.... 18 5.2.2 Remove installed files... 19 Meridium AB 3 (19) 3(19)

1 INTRODUCTION EmailEncoder protects email addresses and Skype 1 links from being picked up by robots/sniffers by converting them to images with encrypted links. EmailEncoder can be applied to any ASP.NET solution without modifications, and works as a filter towards the web client. 1.1 How does it work? EmailEncoder is added as a HTTP module on the dot net web server and scans all ASP.NET pages that are delivered to the clients. When an email, mailto or callto 2 -link is found, this is encoded and is not readable by normal means to the reader of the page. When the browser then loads the page, the email information is decoded in runtime in the browser and made visible to the reader. This restricts reading the source of the page for retrieving email or Skype information since the email and Skype addresses are not visible in clear text. 1.2 Browser software supported EmailEncoder can be used on all Web browsers supporting JavaScript (according to the ECMA 262 specification 3 ) and W3C DOM specification 4 (Core version 2.0 and Events version 2.0 5 ). EmailEncoder also supports the major browser versions including (but not limited to): Browser Reference Microsoft Internet Explorer 5 or later http://www.microsoft.com/windows/ie Mozilla Firefox 1.0 or later http://www.mozilla.org/products/firefox Mozilla Firebird 0.7 or later http://ftp.mozilla.org/pub/mozilla.org/firebird Mozilla (1.7.3 verified) http://www.mozilla.org/products/mozilla1.x Opera (7.23 verified) http://www.opera.com Netscape 6.01 or later http://www.netscape.com 1.3 Server software supported The EmailEncoder is installed on a website running asp.net on a machine running Internet Information Services (IIS). It can be run under version 1.0, 1.1 and 2.0 of the dotnet framework. 1.4 Web Accessibility Initiative (WAI) 6 support Since version 1.1.0.0, EmailEncoder does not alter the encoded pages support for WAI in any way. If you choose to increase security by using generated images replacing the visible emails, you will hamper WAI support a bit, since no information besides the static alt text is added to the images. 1 Skype is software for IP-telephony. See www.skype.com for more information. 2 Callto links are used by Skype. 3 http://www.ecma-international.org/publications/standards/ecma-262.htm 4 http://www.w3.org/dom/ 5 http://www.w3.org/2003/02/06-dom-support.html 6 http://www.w3.org/wai/ Meridium AB 4 (19) 4(19)

2 INSTALLATION EmailEncoder is installed by running the installation application. The installation application copies the needed files, and makes the necessary modifications of the system configuration. The system configuration is modified by adding some keys to the web.config. Some of these keys are configurable as explained below. 2.1 Installation Step 1 Choose web server The installation application lets you choose the web server you wish to install EmailEncoder on by showing a drop down list with all web servers available on the computer. Meridium AB 5 (19) 5(19)

2.2 Installation Step 2 Choose license file Browse to the license file that you received with the installation package and choose it. The license file is named meridiumlicense.config. 2.3 Installation Step 3 - Finish Click on Finish to complete the installation. Meridium AB 6 (19) 6(19)

3 CONFIGURATION The installation program adds the following keys to web.config. 3.1 ConfigSections The ConfigSections need to contain two configuration sections for the EmailEncoder to work; one for the EmailEncoderModule and one for the EmbeddedHandler. <configsections> <sectiongroup name="se.meridiumkalmar.web"> <section name="embeddedhandler" type="system.configuration.namevaluesectionhandler, System, =1.0.3300.0, Culture=neutral,PublicKeyToken=b77a5c561934e089"/> <section name="emailencodermodule" type="system.configuration.namevaluesectionhandler, System, =1.0.3300.0, Culture=neutral,PublicKeyToken=b77a5c561934e089"/> </sectiongroup> </configsections> 3.2 Http Modules This activates the EmailEncoder module. If you want to deactivate EmailEncoder, just comment this add tag. <httpmodules> <add name="emailencodermodule" type="se.meridiumkalmar.web.emailencodermodule, EmailEncoder.Core" /> </httpmodules> 3.3 Http Handlers This activates the EmbeddedHandler. Without this EmailEncoder cannot deliver any images for email addresses. <httphandlers> <add verb="*" path="embed.aspx" type="se.meridiumkalmar.web.embeddedhandler, EmailEncoder.Core" /> </httphandlers> Meridium AB 7 (19) 7(19)

3.4 EmailEncoderModule section The EmailEncoder section contains all configuration settings for the encoding process, what to encode and how to do it. <se.meridiumkalmar.web> <emailencodermodule> <! -insert configuration items here--> </emailencodermodule> </se.meridiumkalmar.web> 3.4.1 Activate loose mailto filtering If activated, EmailEncoder will filter mailto links inside page links. If value is set to true, the following text will be filtered. href="mylink.aspx?action=mailto:nisse@mklsd.as" <add key="loosemailtohref" value="true"/> 3.4.2 Activate loose callto filtering If activated, EmailEncoder will filter callto links inside page links. If value is set to true, the following text will be filtered. href="mylink.aspx?action=callto://nisse_mklsd_as/" <add key="loosecalltohref" value="true"/> 3.4.3 Activate strip not filtered mailto If activated EmailEncoder will strip texts that contains a mailto address but not are links. If value is set to true <a href="www.meridium.se" orgurl="mailto:info@meridium.se"/> Will be filtered to <a href="www.meridium.se" orgurl=""/> <add key="stripnotfilteredmailto" value="true"/> Meridium AB 8 (19) 8(19)

3.4.4 Activate strip not filtered callto If activated EmailEncoder will strip texts that contains a mailto address but not are links. If value is set to true <a href="www.meridium.se" callid="callto://meridium/"/> Will be filtered to <a href="www.meridium.se" callid=""/> <add key="stripnotfilteredcallto" value="true"/> 3.4.5 Disable paths (start) for EmailEncoder To disable the email encoding for one or more virtual paths set value to the paths that you want to disable EmailEncoder for, separated by & Always start and end the path with a slash if it is a folder. Always start the path with a slash if it is a complete path to a document. Values are case insensitive. <add key="disablevirtualpathstartingwith" value="/edit/"/> Disables EmailEncoder for all Requests to a path that starts with /edit/. <add key="disablevirtualpathstartingwith" value="/edit/&/admin/default.aspx"/> Disables EmailEncoder for all requests to a path that starts with /edit/ and requests for the file /admin/default.aspx. <add key="disablevirtualpathstartingwith" value=""/> Meridium AB 9 (19) 9(19)

3.4.6 Disable files/types for EmailEncoder To disable the email encoding for one or more files or file types the requested path is scanned and compared to the DisableVirtualPathEndingWith parameter. This parameter works like the DisableVirtualPathStartingWith and you can separate multiple values with an virtual paths set value to the paths that you want to disable EmailEncoder for, separated by & Values are case insensitive. <add key="disablevirtualpathendingwith" value=".asmx"/> Disables EmailEncoder for all web services. <add key="disablevirtualpathendingwith" value="news.aspx&.asmx "/> Disables EmailEncoder for all requests to files named news.aspx wherever they are located and all web services. <add key="disablevirtualpathendingwith" value=".asmx "/> 3.4.7 Disable sessions for EmailEncoder To disable the email encoding for one or more session keys and/or key-value pairs set value to the session keys and - if needed - their corresponding value that EmailEncoder should be disabled for, separated by & <add key="disablesession" value="user"/> Disables EmailEncoder for all Requests that have a session key named user. <add key="disablesession" value="user=peter&user=tom"/> Disables EmailEncoder for all Requests that have a session key named user with value peter or tom. <add key="disablesession" value=""/> Meridium AB 1010(19)

3.4.8 Disable query string parameters for EmailEncoder To disable the email encoding for one or more parameters and/or parameter-value pairs set value to the parameters and - if needed - their corresponding value that EmailEncoder should be disabled, for separated by & <add key="disableparam" value="editmode"/> Disables EmailEncoder for all requests that have a query string parameter named editmode. <add key="disableparam" value="editmode=true&user=peter"/> Disables EmailEncoder for all Requests that have a query string parameter named editmode with value true or a query string parameter named user with value peter. <add key="disableparam" value=""/> 3.4.9 Set alt text on mailto text-images The text specified as value will appear as alt-text on the mailto text-image. <add key="alttextonimages" value="this is a mailto link"/> 3.4.10 Set alt text on callto text-images The text specified as value will appear as alt-text on the mailto text-image. <add key="alttextoncalltoimages" value="this is a callto link"/> 3.4.11 Force Content Encoding The content encoding of the encoding output can be forced if the automatic parsing fails. <add key="contentencoding" value="iso-8859-1"/> Meridium AB 1111(19)

3.4.12 Email encoding modes The way the email addresses are encoded can be configured to the following values. Value Text Image TextAndImage None Description Encodes all visible email addresses as text (requires JavaScript support on the client) Encodes all visible email addresses as an image. Uses a combination of the above choices, when JavaScript is not supported by the client, the Email Address image is still visible Does not encode email addresses at all (disables the EmailEncoder) <add key="emailencodermode" value="textandimage"/> 3.4.13 Activate encoding on cached pages Normally encoding is done to pages before they are added to the cache, and encoding is not needed for cached pages. If you want to force encoding on cached pages, set the EncodeCache configuration to true. <add key="encodecache" value="true"/> 3.4.14 Add title to mailto links To increase WAI support you can activate this option that will add a title attribute to a mailto link that will contain the linked mailto:email@domain.com text. <add key="addtitleonmailtolinks" value="true"/> Meridium AB 1212(19)

3.4.15 Disable encoding for authenticated users Sometimes you want to disable encoding for authenticated users since you have already taken steps to validate the user. In that case you can add the following option to the configuration. Default is false. <add key="disableencodingforauthenticatedusers" value="true"/> 3.4.16 Control css style of generated image tags When EmailEncoder generates images for the visible addresses, the image is added without any attributes set to the image tag. Use the CssStyle property to set the style attribute for the rendered image tags. <add key="cssstyle" value="border:0;text-align:middle;"/> 3.4.17 Control css class of generated image tags When EmailEncoder generates images for the visible addresses, the image is added without any attributes set to the image tag. Use the CssClass property to set the class attribute for the rendered image tags. <add key="cssclass" value="myimageclass"/> 3.4.18 Log file If an error occurs in the EmailEncoder engine, you can activate logging by entering a path to a file where the errors will be logged. The path can either be relative from the websites root folder or if entered with the drive letter, an absolute path. <add key="logfile" value="errorlog.txt"/> Make sure that the server process has access rights to write to/create the file. Meridium AB 1313(19)

3.4.19 Continue on error If encoding of a page results in an error, this error is logged (if the log file is activated) and the error is displayed on the page. These error pages can be suppressed and instead of breaking the page, the original, non encoded page can be displayed. To activate this behavior set the ContinueOnError setting to true. Observe that if this option is activated, use the logfile to keep track of pages that are failing and fix these errors in these pages so they aren t unprotected. <add key="continueonerror" value="true"/> Meridium AB 1414(19)

3.5 Embedded Handler section The EmbeddedHandler is a part of email encoder that controls the images that is generated instead of visible email addresses. This section controls all settings regarding the image creation process. <se.meridiumkalmar.web> <embeddedhandler> <! -insert configuration items here--> </embeddedhandler> </se.meridiumkalmar.web> 3.5.1 Set font for mailto text-images If the displayed text for a mailto link contains the character @, EmailEncoder replaces the text with a text-image. To specify the font to be used in these cases use the following format: font name, size, fontstyle1, fontstyle2, etc. Font styles can be bold, italic, underline or strikeout. Replaces the display text that contains @ for all mailto links with a text-image with font verdana 8pt bold italics. <add key="font" value="verdana, 8, bold, italics"/> 3.5.2 Set text color for mailto text-images If the display text for a mailto link contains the character @ EmailEncoder replaces the text with a text-image. Set value to the text color that should be used in the text-image. <add key="foregroundcolor" value="#c0c0c0"/> 3.5.3 Set background color for mailto text-images The resulting image of a mailto link is created as a transparent gif. If the background of the page is another color than white, the resulting image can look jaggy or even disappear (especially if the foreground color is set to white). The solution is then to assign a background color to use when rendering the images. <add key="backgroundcolor" value="white"/> Meridium AB 1515(19)

3.5.4 Set mailto text-images cache If a special temporary path should be used for storing the email images cache. The ASPNET user s temp path is used by default. <add key="temppath" value="c:\temp"/> Meridium AB 1616(19)

4 EPISERVER CONFIGURATION Use the following settings for EmailEncoder when running an EPiServer solution. (These settings are automatically configured if you use the installation package for EPiServer.) 4.1.1 Activate strip not filtered mailto For EPiServer you want to set StripNotFilteredMailto to true in order to strip orgurl attributes on mailto links. <add key="stripnotfilteredmailto" value="true"/> 4.1.2 Disable paths for EmailEncoder For EPiServer you want to disable the admin, edit and util paths. <add key="disablevirtualpathstartingwith" value="/edit/&/admin/&/util/"/> 4.1.3 Disable encoding for authenticated users For DOPE to function correctly with email addresses, we have to disable encoding for authenticated users. <add key="disableencodingforauthenticatedusers" value="true"/> Meridium AB 1717(19)

5 UNINSTALLATION 5.1 Disabling EmailEncoder 1. To disable EmailEncoder, just comment the EmailEncoder httpmodule in the web.config file located at /configuration/system.web/httpmodules <add name="emailencodermodule" type="se.meridiumkalmar.web.emailencodermodule, EmailEncoder.Core" /> 5.2 Full uninstallation Uninstallation can be performed manually by following the steps below. 5.2.1 Remove configuration entries in the web.config file. 2. Remove the EmailEncoder http module located at /configuration/system.web/httpmodules <add name="emailencodermodule" type="se.meridiumkalmar.web.emailencodermodule, EmailEncoder.Core" /> 3. Remove the EmailEncoder http handler located at /configuration/system.web/httphandlers <add verb="*" path="embed.aspx" type="se.meridiumkalmar.web.embeddedhandler, EmailEncoder.Core" /> 4. Remove configuration for the emailencodermodule located at /configuration/se.meridiumkalmar.web/emailencodermodule <emailencodermodule> <add key="emailencodermode" value="textandimage" /> <add key="addtitleonmailtolinks" value="true" />... </emailencodermodule> 5. Remove configuration for the embeddedhandler located at /configuration/se.meridiumkalmar.web/embeddedhandler <embeddedhandler> <add key="font" value="verdana,14, underline" /> <add key="foregroundcolor" value="#33ccaa" />... </embeddedhandler> 6. If the se.meridiumkalmar.web element is empty, remove it aswell. (located at /configuration/se.meridiumkalmar.web) <se.meridiumkalmar.web> </se.meridiumkalmar.web> 7. Remove the section groups for emailencodermodule located at /configuration/configsections/sectiongroup[name= se.meridiumkalmar.web ]/section [name= emailencodermodule ] <section name="emailencodermodule" type="system.configuration.namevaluesectionhandler, System, =1.0.3300.0, Culture=neutral,PublicKeyToken=b77a5c561934e089" /> Meridium AB 1818(19)

8. Remove the section groups for embeddedhandler located at /configuration/configsections/sectiongroup[name= se.meridiumkalmar.web ]/section [name= embeddedhandler ] <section name="embeddedhandler" type="system.configuration.namevaluesectionhandler, System, =1.0.3300.0, Culture=neutral,PublicKeyToken=b77a5c561934e089" /> 9. If the se.meridiumkalmar.web sectiongroup definition is empty, remove it as well. configuration/configsections/sectiongroup[name= se.meridiumkalmar.web ] <sectiongroup name="se.meridiumkalmar.web"> </sectiongroup> 5.2.2 Remove installed files Remove the EmailEncoder.Core folder (and its included files) from the webservers bin folder. Meridium AB 1919(19)

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information