This notice applies to you if you use JangoMail's "Connect to Internet Web Site Database" feature to pull email address data in real-time from your web site's database.
We've updated the web server script file that is used to allow JangoMail to connect to your web / database platform. This update applies to those customers using one of these three platforms:
- Active Server Page web site / Any ODBC compliant database
- Active Server Page web site / Microsoft SQL Server Database
- Active Server Page web site / Microsoft Access Database
This update does not apply to the PHP / MySQL platform, because the w_4.php file has never used the EnDeCrypt algorithm used in the w_x.asp files.
What is the update?
The update eliminates the EnDeCrypt encryption algorithm that was previously used in the w_x.asp files. The EnDeCrypt algorithm present in the w_x.asp files is an outdated encryption/decryption mechanism that we have deprecated in favor of using standard SSL (Secure Sockets Layer) security with the https protocol.
If you retrieve the appropriate w_x.asp file now from the Extract From My Database tab of JangoMail, the new w_x.asp file will no longer contain the lines of code that perform the decryption. If you have made your own custom modifications to the script file on your web server, you can update the file manually. Or, you can retrieve the updated file from JangoMail directly.
After the updated file is in place, you must click a button at the top of the Extract From My Database tab which will tell JangoMail to stop encrypting data using the EnDeCrypt algorithm when passing information to your web server.
To update your w_x.asp file manually:
- Comment out or delete the lines that perform the EnDeCrypt decryption.
- Deleting the RC4Initialize subroutine and EnDeCrypt function.
- Comment out or delete the two array declarations, "Dim sbox(255)" and "Dim key(255)"
- Click the button that appears at the top of the Extract From My Database page to update your JangoMail account so that data is no longer encrypted with EnDeCrypt before it's passed to your web server.
To retrieve the updated w_x.asp file from JangoMail:
- Login to your JangoMail account.
- Click the Extract From My Database tab.
- Click "retrieve the web server file" and follow the directions to download the appropriate file.
- Click the button that appears at the top of the Extract From My Database page to update your JangoMail account so that data is no longer encrypted with EnDeCrypt before it's passed to your web server.
Do I have to update my w_x.asp file?
We highly recommend that you do the update as soon as possible. The old versions of w_x.asp, with the EnDeCrypt mechanism, will continue to work through the end of the year. In early 2009, the option to use a w_x.asp file with the EnDeCrypt routines will no longer exist.
One final note:
There is a benefit to updating if you maintain multiple JangoMail accounts. The old w_x.asp files, with the EnDeCrypt mechanism, made use of a private key that was hard coded inside the routines, and a private key was unique to a single JangoMail account. Once you update to the new w_x.asp files, there will be no hard coded key, and this will allow the same version of the w_x.asp file to be used with multiple JangoMail accounts.
