Setting Trust Level in web.config

Jamie Hartnoll picture Jamie Hartnoll · Jan 30, 2012 · Viewed 45.4k times · Source

I can't send email via ASP.NET and sent an email to my web hosts for some help and was told to modify my security settings and was sent a link:

http://forums.asp.net/t/1111145.aspx/1

I've read what it said there and tried setting <trust level="Full" originUrl="" /> in web.config, but then I get the error:

This configuration section cannot be used at this path. This happens when the site administrator has locked access to this section using <location allowOverride="false"> from an inherited configuration file.

I've not set any other web.config file.

So I asked the web hosts again, and asked if it was a server setting which I cannot change, but the response I got was just:

You'll need to specify a more specific path.

Which is lovely, but I've no idea what that means!

Having done a bit more digging I am wondering if I have to set up a separate trust file, is this correct?

Could someone point me in the direction of the correct way to set up my Trust level (I realise "full" is probably incorrect as well?) as I really don't understand what I am supposed to do!

Answer

user191966 picture user191966 · Jan 30, 2012

Trust levels are documented here: http://msdn.microsoft.com/en-us/library/ie/wyts434y.aspx. In shared hosting, providers lock that settings, so you cannot change in your web.config. If you clearly requested from your provider to allow full trust to your application, and if they responded with "huh?", then you were talking to an uneducated person - either request escalation or change hosts. "Please configure my application with full trust" should be clear enough. Note that they may not be willing to do that, once they understand your request.

Also, I cannot be sure that full trust is required to send mail out. Sending mail out involves ability to communicate to an SMTP server, and usually web hosts allow accessing only theirs and they block everything else (for spam prevention). You will not be able to talk them into making an exception for you, but if you ask "please tell me which smtp and port to use to send email out from my asp.net application", they should give it to you (otherwise, escalate or change hosts). You actually should have asked them to help you send mail out first, before you made conclusion that trust-level is what's obstructing it (now, I'm pretty sure it doesn't).

Also, read this, please: https://meta.stackexchange.com/questions/66377/what-is-the-xy-problem