Setting up Secure Emails

As a system administrator, you can use the Automation Engine to send secure emails by using SMTPS. You can decide whether you configure one standard SMTP server, several ones (UC_SMTP_MYSERVER1, UC_SMTP_MYSERVER2, for example). SMTPS allows you to use TLS to secure the SMTP connection. SMTP parameters are available in the UC_CLIENT_SETTINGS, or if you use several SMTP servers with different Vara objects (e.g. UC_SMTP_MYSERVER1 etc.) for each individual server.

Important!

Only the Automation Engine and Java-based OS agents support user-defined Vara objects containing SMTP settings to override the SMTP settings set in UC_CLIENT_SETTINGS (UC_SMTP_MYSERVER); they also support the settings SMTP_PORT, SMTP_PROTOCOL, SMTPS_CERT. TLS is also supported. Other Agents ignore the mentioned SMTP(S) settings. Even if you configure SMTP_PORT, SMTP_PROTOCOL, or SMTPS_CERT, emails are sent from them using the default behavior of using SMTP_SERVER but with an unencrypted connection and through the default port 25. This behavior serves to maintain backward compatibility towards agents that support SMTP and will probably not receive any SMTP-related changes in the future.

Scenario 1

If you use the Automation Engine to send emails, you can choose to send emails through an SMTP server, which can be secured using TLS or not. To do so, follow the steps below:

  1. In your client, open the UC_CLIENT_SETTINGS variable.

  2. Define at least the following parameters:

    • SMTP_SERVER

      Host name of the SMTP server.

    • SMTP_PORT

      The port used to connect to the mail server

    • SMTP_ PROTOCOL

      The protocol that you want to use for authentication. You can use PLAIN to send emails through an unencrypted connection, STARTTLS for an opportunistic TLS connection, or TLS for a forced TLS connection through a port that supports TLS only.

    • SMTPS_ CERT

      The name of the certificate to be used for the STARTTLS and TLS protocols.

    • SMTP_FROM_ADDR

      Email address of the sender.

    For detailed information, see SMTP Parameters.

  3. Upload the email server's certificate to the UC_TRUSTEDCERTS Storage object in client 0 and name it properly as it must comply with your entry in the SMTPS_CERT parameter of the UC_CLIENT_SETTINGS variable.

    For details, see UC_TRUSTEDCERTS Storage Object.

  4. Use a script with the SEND_MAIL script function to verify your settings.

    Example:

    The following example sends an email to exactly one user, the cc parameter is not used. If the result shown in the activation report is 0, the email was successfully sent.

    :SET &OUT# = SEND_MAIL('test@maildomain.com',,'Test Email','This is a test email')

    :PRINT &OUT#

    Result shown in the activation report:

    2023-08-17 15:01:38 - U00020408 0000000000000000

  5. Ensure that the receiving email server processes the email properly and your email reaches the designated recipients.

Scenario 2

If you are using several SMTP servers, you can define all your SMTP parameters in the static UC_SMTP_MYSERVER variable. It contains the specifications for the email connection of one specific server. You can then use the secure email function with the MYSERVER parameter of the SEND_MAIL script function.

  1. In your client, create your UC_SMTP_MYSERVER static variable. Ensure that you replace the MYSERVER part in its name with the server name you define in SEND_MAIL (UC_SMTP_LOCALHOST, for example).

  2. Define at least the following parameters

    • SMTP_SERVER

      Host name of the SMTP server.

    • SMTP_PORT

      The port used to connect to the mail server

    • SMTP_ PROTOCOL

      The protocol that you want to use for authentication. You can use PLAIN to send emails through an unencrypted connection, STARTTLS for an opportunistic TLS connection, or TLS for a forced TLS connection through a port that supports TLS only.

      Important! The STARTTLS and TLS protocols require you to define the name of the certificate used for authentication in the SMTPS_CERT key.

    • SMTPS_ CERT

      The name of the certificate to be used for the STARTTLS and TLS protocols.

    • SMTP_FROM_ADDR

      Email address of the sender.

    For detailed information, see UC_SMTP_MYSERVER - SMTP Variable.

  3. Upload the email server's certificate to the UC_TRUSTEDCERTS Storage object in client 0 and name it properly as it must comply with your entry in the SMTPS_CERT parameter of the UC_CLIENT_SETTINGS variable.

    For details, see UC_TRUSTEDCERTS Storage Object.

  4. Use a script with the SEND_MAIL script function to verify your settings.

    Example:

    The following example sends an email to exactly one user by using the specified values of your UC_SMTP_MYSERVR static variable. If the result shown in the activation report is 0, the email was successfully sent.

    :SET &OUT# = SEND_MAIL('test@maildomain.com',,'Test Email','This is a test email',,,,MYSERVER)

    :PRINT &OUT#

    2023-08-17 15:06:45 - U00020408 0000000000000000

  5. Ensure that the receiving email server processes the email properly and your email reaches the designated recipients.

See also: