Global vs Project blacklisting
JEMH provides blacklisting at a global level that applies instance wide. Since JEMH 2.2.1 (JIRA 7.4.x+), this same feature has been implemented at as scoped level for Project Administrators. This enables delegated responsibility to Project Admins to blacklist emails and attachments they don't want to see in their project. The Project view also includes all global applicable blacklist items. System Admins can administer project blacklist items through the Global Blacklist view:
|Project View||Global View|
How to stop attachments appearing
You have incoming email from users with HTML signatures, embedded Facebook/Twitter logos etc, as well as company logos. They add no value and you don't want thousands of them clogging up your JIRA. JEMH has several ways to blacklist attachments:
Turn off attachments
This is a JEMH specific switch, such that email sourced attachments can be blocked entirely.
Filename blocking /type blocking
Blocking embedded images such as image0.png will potentially result in unforeseen consequences, such as inline pasted content that may have an identical name, but could work for my-company-sig.png.
Its also possible to whitelist/blacklist based on type. To blacklist PNG, EXE and MP3, for example, use: png,exe,mp3 as values in Email > Attachments > Blacklist Attachment Types (csv)
Targeted attachment blocking
Based on MD5 hash fingerprint, it is suitable for surgical removal of only binary matching content.
Blacklisting Emails by Subject
The Blacklist Subject values are regular expressions, for example, any email that starts with the phrase Out of Office can be matched with the expression
Out of Office.* ,note the trailing "dot star", this is a special value, dot means any character, and star means any number of the preceding character, if you were to use only
Out of Office* that would mean a match to only
Out of Officeeeeeeeeeeeeeeeeeeeee!
Blacklisting by file type
The setting Profile > Email > Blacklist Attachment Types (csv) allows a comma-separated list of file extensions to be defined. When an attachment is found to have one of the listed file extensions, it will be blacklisted and will not be added to the issue.
What to filter
Value to use
|this-file-only.png||this-file-only.png||Will block only files with the exact given file name and extension|
All .png files
|Will block only files with the given file extension|
All .exe, .bat and .com files
Will block only files with a file extension in the comma separated list
Blacklisting Attachments by file size or MIME type
- Go to JEMH>Blacklisting
- Click Create a Blacklist by size
- Enter the file size (in bytes) and optionally a valid MIME media type
- Press submit to save
Blacklisting Attachments by MD5 file fingerprint
In this section, targeted attachment blocking will be used. This keeps a record of the MD5 hash of a file and compares it against incoming attachments. If a match is found, the attachment will not be added. Note that this blacklisting feature only works if the exact same attachment is found in an incoming email. For example, two image files can look exactly the same but if one of them has had some meta-data added to it (comments, camera information etc.) then they are considered different files.
Locate and save the file to be blocked
So I have the following issue created by email:
JIRA Attachments / thumbnails
Right clicking on the image you see in the Attachment list will give you a thumbnail, it will not work for blacklisting purposes, you will need the full image. To get the full image, use the file-name below the image.
This saves a file 'andy-welly.png' to your local machine.
Upload the blacklisted file/image to the JEMH Blacklist section:
- Go to the JEMH Blacklist screen:
- Click 'Blacklisted Attachment', scroll down to see the file upload form, and select the file:
- After submitting, the file will be shown as well as related meta-data:
Verify correct configuration
Re-executing the Test Case will now result in the following issue without the related image, regardless of how it was included (pasted in an embedded HTML form, attached etc.):
After blocking, check the Blacklisting section again, see that the time that the filter was applied is now reflected, as well as a running count on how many times that file has been filtered (1.3+). This information should allow the blacklisting list to be managed, rather than just added to.
Blacklist Image Attachments by URL
When HTML based emails are processed by JEMH, images contained in <img> tags can be converted to wiki markup that allows these images to be embedded in created issues or comments. In some cases undesirable images may be included as img tags rather than inline attachments, in these cases standard attachment blacklisting would not be sufficient to remove the attachments. Blacklisting image's by URL allows you to blacklist images that have been converted from image tags to wiki markup, this is useful when dealing with HTML based emails.
Url Blacklisting can be accessed via Blacklisting > Blacklist by URL
To create a new URL blacklisting rule press Create a Blacklisted Image URL which will create a new URL blacklisting rule with some placeholder configuration. Pressing the pencil icon next to the new rule will allow this placeholder configuration to be modified.
The URL of the image to be blacklisted can be defined as a regular expression within the Blacklist Image URL text field. Pressing Submit will save the configuration.
Blacklist a specific image via an exact URL match:
First of all obtain the exact URL of the image, you can find this by examining the content of an existing JIRA field and looking for the image URL within ! ! tags. In this example I am blacklisting an image of a goldfish via an exact URL match:
Blacklist all non HTTPS images via a Regular Expression match:
This is a basic example of how you could use a regular expression to match many different images without having to do an exact URL match. In this scenario we want to blacklist any images from being included if they are not loaded via HTTPS, this can be achieved by blacklisting all HTTP loaded images which will only allow HTTPS images to be loaded.
Using the following regular expression will blacklist all HTTP loaded images: