Fortinet black logo

EMS Administration Guide

Configuring SMTP Server settings

Configuring SMTP Server settings

You can set up an SMTP server to enable alerts for EMS and endpoint events. When an alert is triggered, EMS sends an email notification to the configured email address(es).

To configure SMTP server settings:
  1. Go to System Settings > SMTP Server.
  2. Set the following options:

    Server

    Enter the SMTP server name.

    Port

    Enter the port number.

    Security

    Select None, STARTTLS, or SMTPS for the security type, or select the Auto Detect button to automatically select the security type. If STARTTLS or SMTPS is selected, the Username and Password fields become available.

    Username

    Enter the username.

    Password

    Enter the password.

    From

    Enter the email address to send the alerts from.

    Reply-To

    Enter the email address to send the replies to.

    Subject

    The sent e-mail alert's subject.

    Recipients

    Enter email address(es) to send alerts to. Press Enter to add more email addresses.

    Test subject

    Test email's subject.

    Test message

    Test email's message.

    Test recipient

    Email address to send the test email to.

    Send Test Email

    Click the button to test the configured email settings.

  3. Click Save.
To confirm that the EMS server can verify the SMTP server certificate:

When using STARTTLS or SMTPS, the SMTP server presents a certificate to prove its identity. If the server hosting EMS does not have the corresponding CA in its certificate store, EMS cannot trust the SMTP server certificate and the connection fails to establish.

You can verify this using tools on the server hosting EMS to establish a secure connection to the SMTP server. Using openssl as an example, you can run the following from the Windows command line:

openssl s_client -starttls smtp -crlf -connect <smtp_url:port>

The following is an example of an SMTP URL and port: smtp.office365.com:587

The command output displays the certificate that the mail server offers in the first few lines, accompanied by unable to get local issuer certificate. This indicates that Windows cannot verify the certificate.

Configuring SMTP Server settings

Configuring SMTP Server settings

You can set up an SMTP server to enable alerts for EMS and endpoint events. When an alert is triggered, EMS sends an email notification to the configured email address(es).

To configure SMTP server settings:
  1. Go to System Settings > SMTP Server.
  2. Set the following options:

    Server

    Enter the SMTP server name.

    Port

    Enter the port number.

    Security

    Select None, STARTTLS, or SMTPS for the security type, or select the Auto Detect button to automatically select the security type. If STARTTLS or SMTPS is selected, the Username and Password fields become available.

    Username

    Enter the username.

    Password

    Enter the password.

    From

    Enter the email address to send the alerts from.

    Reply-To

    Enter the email address to send the replies to.

    Subject

    The sent e-mail alert's subject.

    Recipients

    Enter email address(es) to send alerts to. Press Enter to add more email addresses.

    Test subject

    Test email's subject.

    Test message

    Test email's message.

    Test recipient

    Email address to send the test email to.

    Send Test Email

    Click the button to test the configured email settings.

  3. Click Save.
To confirm that the EMS server can verify the SMTP server certificate:

When using STARTTLS or SMTPS, the SMTP server presents a certificate to prove its identity. If the server hosting EMS does not have the corresponding CA in its certificate store, EMS cannot trust the SMTP server certificate and the connection fails to establish.

You can verify this using tools on the server hosting EMS to establish a secure connection to the SMTP server. Using openssl as an example, you can run the following from the Windows command line:

openssl s_client -starttls smtp -crlf -connect <smtp_url:port>

The following is an example of an SMTP URL and port: smtp.office365.com:587

The command output displays the certificate that the mail server offers in the first few lines, accompanied by unable to get local issuer certificate. This indicates that Windows cannot verify the certificate.