Company Logo not mapping to https correctly
Question asked by George Ascione - February 3, 2016 at 10:05 PM
Running the latest v14.5, I have a redirect setup in IIS for all HTTP traffic to redirect to HTTPS.  When I upload a Company Logo, it correctly shows in my admin panel as: https://xxxx.xxxxxxx.com/ImagesResourceHandler.ashx?file=2147483647.png - Save and Preview brings up an optimal result of showing the logo.
When I browse to my login page, the logo is blank and in the source, it is now: http://xxxx.xxxxxxx.com/ImagesResourceHandler.ashx?file=2147483647.png - And the image doesn't carry through the redirect, rightfully so as linked images won't follow a redirect.
I can host the image on another site and link it in my custom HTML.  However, the Company Logo is overriding the Custom HTML and the login page continues to show: http://xxxx.xxxxxxx.com/ImagesResourceHandler.ashx?file=2147483647.png instead of my new URL - Yes, I've made sure I saved, restarted the services for no reason and still no different result.
Either I need a way to ensure it actually uses HTTPS or a way to remove the uploaded image so the custom HTML works.

5 Replies

Reply to Thread
Bruce Barnes Replied
February 4, 2016 at 12:38 AM
We ran into the same issue with our logo and images initially.  Make certain that the location from which you are pulling the logo is accessed via a secure address.
More and more browsers are, by default, enforcing fully secure content on all encrypted pages.  It's now considered a "best practice." 
This is easily accomplished by placing a directory within the SmarterMail directory in the Program Files(x86)/SmarterMail/MRS/ directory 
We created a special folder within that director, for our customer's logos, and added them there, calling them via an HTTPS://securemail.chicagonettech.com/SPECIALDIRECTORYNAME/customerdirectory/image.EXT and it works perfectly, every time.
 - Bruce
Bruce Barnes
ChicagoNetTech Inc

Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
Matt Petty Replied
February 4, 2016 at 8:23 AM
Employee Post
As a temporary fix you can just add https instead of http in the HTML area, it should work. I put a bug on the buglist to fix this.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278
John Reid Replied
October 7, 2016 at 12:03 PM
This still appears to be broken. Bruce's suggestion does not work because the login form is overriding any attempt to change the URL to the logo. It is as if http://xxxx.xxxxxxx.com/ImagesResourceHandler.ashx?file=2147483647.png is hard coded. The Original poster mentioned this, and that he had tried to change the location where the image was hosted. Here it is from the OP in black and white:
"I can host the image on another site and link it in my custom HTML.  However, the Company Logo is overriding the Custom HTML and the login page continues to show: http://xxxx.xxxxxxx.com/ImagesResourceHandler.ashx?file=2147483647.png instead of my new URL - Yes, I've made sure I saved, restarted the services for no reason and still no different result."
I don't know why both answers suggest doing something he already stated does not work, but as Bruce pointed out - this is a serious issue. I can confirm the exact same behaviour. I have a folder with my logs in the root of C:\Program Files (x86)\SmarterTools\SmarterMail\MRS as Bruce suggested. However, when the page overrides your src= statement and changes it to http://xxxx.xxxxxxx.com/ImagesResourceHandler.ashx?file=2147483647.png no matter what you do, it doesn;t really make a difference.
Matt stated that he put in a bug. Has that gotten any traction? What is the status of the fix? It has been 8 months now. An update might be nice. Maybe the bug could be expedited since Matt's temporary fix is not a fix at all. I am using SmarterMail 15.3 Enterprise, so this issue has persisted through several versions now.
Thanks all.
John Reid Replied
October 7, 2016 at 2:36 PM
Update: I completely changed the image served by the server.
<img style='max-width:240px;max-height:140px;' src='https://shastaemail.com/Logo/ShastaLogo_sm.png' />
What Loads
<img style="max-width:240px;max-height:140px;" src="http://www.shastaemail.com:9998/ImagesResourceHandler.ashx?file=2147483647.png">
The image changes, so it looks like the new image. But the URL is rewritten to include a www subdomain, a 9998 port, and the  ImagesResourceHandler.ashx?file=2147483647. instead of my image. It looks right, but it is being served by an image handler that is breaking the https
In source it appears to be served like this:
<script type="text/javascript">
if (top.location.href.indexOf("Login.aspx") == -1) {top.location.href = "Login.aspx";}InjectInfo("<div id='companyinfo' style='max-width: 280px;'> <br /><b>Welcome to the new Shasta Webmail!</b></center><br /> <center>        <br /><img style='max-width:240px;max-height:140px;' src='http://www.shastaemail.com:9998/ImagesResourceHandler.ashx?file=2147483647.png' />        <br/>            </center><br /></div>", "Shasta Webmail");WebForm_AutoFocus('ctl00_MPH_txtUserName');//]]>
John Reid Replied
October 7, 2016 at 3:44 PM
<?xml version="1.0" encoding="utf-8"?>
    <HelpText>Webmail Help</HelpText>
    <LoginText>Shasta Webmail</LoginText>
    <LoginPageHtml>&lt;div id='companyinfo' style='max-width: 35px;'&gt; 
    &lt;table style='width:100%'&gt;
            &lt;td style='text-align: center;&gt;
                &lt;br /&gt;&lt;b&gt;Welcome to the new Shasta Webmail!&lt;/b&gt;
                &lt;br /&gt;
                &lt;br /&gt;&lt;img style='max-width:240px;max-height:140px;' src='https://shastaemail.com/Logo/Shasta-Com-Logo-250px.png' /&gt;
                &lt;br /&gt;
    <logoImage />
This is my newer table layout BTW

Reply to Thread