Hello, in this post, I will describe short tutorial about how to solve The specified string is not in the form required for an e-mail address. I found many people find this error on forums. Here is the error message:

As you can see above, that is the error message that you might find. So, what’s the problem?

OK, the problem in this case is not from the page itself, but it comes from your web.config file. This configuration file has a <system.net /> element that enables you to store information about the mail server and the from account. I will give you 2 examples below how it will crash your page:

<system.net>
  <mailSettings>
    <smtp from="you.yourprovider.com">
      <network host="smtp.yourprovider.com"/>
    </smtp>
  </mailSettings>
</system.net>

Please see the missing @ symbol in the mail address. And other error may come from incorrect encoded angled brackets, see this:

<system.net>
  <mailSettings>
    <smtp from="Your Name &lt;[email protected]">
      <network host="smtp.yourprovider.com"/>
    </smtp>
  </mailSettings>
</system.net>

This from attributes has an opening < character (encoded as &lt;) but lacks the closing > bracket. To avoid the error, make sure the e-mail address in the from attribute has a valid syntax and uses the right angled brackets (if you use both a name and an e-mail address) like this:

<system.net>
  <mailSettings>
    <smtp from="Your Name &lt;[email protected]&gt;">
      <network host="smtp.yourprovider.com"/>
    </smtp>
  </mailSettings>
</system.net>

If you are curious why your code crashed, then you can use Reflector and take a look in the class’s constructor code:

public MailMessage()
{
  this.body = string.Empty;
  this.message = new Message();
  if (Logging.On)
  {
    Logging.Associate(Logging.Web, this, this.message);
  }
  string from = SmtpClient.MailConfiguration.Smtp.From;
  if ((from != null) && (from.Length > 0))
  {
    this.message.From = new MailAddress(from);
  }
}

Here you can see that the code uses the (internal and static) MailConfiguration property of the SmtpClient class that in turn provides access to the From name and address. This name and address value is then passed into the constructor of the MailAddress class which performs the actual validation using its private ParseValue method.

Choosing Best ASP.NET Hosting with HostForLIFE.eu

We know that it is quite hard to find good asp.net hosting in Europe. Why you need to choose us to be your hosting partner?

HostForLIFE.eu is awarded Top No#1 SPOTLIGHT Recommended Hosting Partner by Microsoft (see www.microsoft.com/web/hosting/HostingProvider/Details/953). Our service is ranked the highest top #1 spot in several European countries, such as: Germany, Italy, Netherlands, France, Belgium, United Kingdom, Sweden, Finland, Switzerland and other European countries.

With more and more people and companies developing websites by Microsoft .NET technology, ASP.NET 4.5 shared web hosting comes to be the major solution provided by many web hosting companies. Most of people choose an ASP.NET 4.5 web host considering about .NET framework version, ASP.NET MVC support, SQL Server database, disk space or bandwidth but they usually ignore the most important feature “IIS security level”. That determines whether the ASP.NET 4.5 websites can run successfully on the shared web host. In result to, if you developing an ASP.NET 4.5 website that works well in the local development environment and attempt to run it in the ASP.NET 4.5 shared web host, you may get the following exception,

System.Security.SecurityException: That assembly does not allow partially trusted caller

This is caused by the security level of the ASP.NET 4.5 shared web host that your application is forced to run with the limited permission, by locking down the access to server file system, preventing the background threads, or interacting with COM interfaces, etc.

ASP.NET 4.5 Web Hosting Trust Levels

This security level is known as the Trust Level of IIS for ASP.NET 4.5 websites. 

It can be configured with the following setting:

• Full Trust: website can do everything that the account of the application pool can do on the web server. This is the most flexible configuration for running websites on the shared web hosts. You won’t have any problems unless your website accesses the system information.
• High Trust: websites are limited to call unmanaged code, e.g. Win32 APIs, COM interop.
• Medium Trust: websites are limited to access the file system except the website application directory, system registry, Code DOM, and more (we will talk it later), compared to High Trust.
• Low Trust & Minimal Trust: these two options restrict the websites seriously. Even they don’t allow websites to call the service out of process, such as database, network, etc. But we never saw an ASP.NET 4.5 shared web host configured with either one of these two options.

Full Trust and Medium Trust are two widely used levels in ASP.NET 4.5 shared web hosting. The full trust provides best flexibility but it has potential security issues to the shared server, especially when the web hosting provider doesn't have rich experience on setting up Windows permission and IIS. Compared to Full Trust, you have to review the website carefully before you go with a web host only supports Medium Trust Level. You can refer to the following checkpoints for the review,

• The website shall not call unmanaged APIs.
• The website shall not access to file system, system registry, event logs and anything else related to the system.
• The website shall not generate code for execution dynamically using Code DOM.
• The website shall not use XslTransform to transform something from XML using XSLT.
• The website has to be signed with a Strong Name.

Check with the web page from Microsoft about which namespaces and classes are not supported in Medium Trust environment. 

And here is quick way to confirm the compatibility of websites to Medium Trust Level, in the local environment,

1. Add partially trusted callers attribute into AssemblyInfo.cs file of the website project, as following code snippet,

[assembly: AllowPartiallyTrustedCallers]

2. Add the following line into the web.config,

<trust level="Medium" />

Suggestion

It's a tradeoff between these two trust level. But if you confirm that the website can run successfully with Medium Trust in your local environment, we suggest you choose an ASP.NET 4.5 web host with Medium Trust only. It shall be more secure and reliable anyway. If you host the website based on 3rd party framework such as DotNetNuke, or using 3rd party component, we recommend you going with Full Trust web host.