authelia/docs/configuration/notifier/smtp.md
James Elliott 9e9dee43ac
[FEATURE] Notifier Startup Checks (#889)
* implement SMTP notifier startup check
* check dial, starttls, auth, mail from, rcpt to, reset, and quit
* log the error on failure
* implement mock
* misc optimizations, adjustments, and refactoring
* implement validate_skip config option
* fix comments to end with period
* fix suites that used smtp notifier without a smtp container
* add docs
* add file notifier startup check
* move file mode into const.go
* disable gosec linting on insecureskipverify since it's intended, warned, and discouraged
* minor PR commentary adjustment
* apply suggestions from code review

Co-Authored-By: Amir Zarrinkafsh <nightah@me.com>
2020-04-21 14:59:38 +10:00

2.8 KiB

layout title parent grand_parent nav_order
default SMTP Notifier Configuration 2

SMTP

Authelia can send emails to users through an SMTP server. It can be configured as described below.

# Configuration of the notification system.
#
# Notifications are sent to users when they require a password reset, a u2f
# registration or a TOTP registration.
# Use only an available configuration: filesystem, smtp.
notifier:
  # You can disable the notifier startup check by setting this to true.
  disable_startup_check: false

  # For testing purpose, notifications can be sent in a file.
  ## filesystem:
  ##   filename: /tmp/authelia/notification.txt

  # Use a SMTP server for sending notifications. Authelia uses PLAIN or LOGIN method to authenticate.
  # [Security] By default Authelia will:
  #   - force all SMTP connections over TLS including unauthenticated connections
  #      - use the disable_require_tls boolean value to disable this requirement (only works for unauthenticated connections)
  #   - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
  #     - trusted_cert option:
  #       - this is a string value, that may specify the path of a PEM format cert, it is completely optional
  #       - if it is not set, a blank string, or an invalid path; will still trust the host machine/containers cert store
  #     - defaults to the host machine (or docker container's) trusted certificate chain for validation
  #     - use the trusted_cert string value to specify the path of a PEM format public cert to trust in addition to the hosts trusted certificates
  #     - use the disable_verify_cert boolean value to disable the validation (prefer the trusted_cert option as it's more secure)
  smtp:
    username: test
    # This secret can also be set using the env variables AUTHELIA_NOTIFIER_SMTP_PASSWORD
    password: password
    host: 127.0.0.1
    port: 1025
    sender: admin@example.com
    # Subject configuration of the emails sent.
    # {title} is replaced by the text from the notifier
    subject: "[Authelia] {title}"
    # This address is used during the startup check to verify the email configuration is correct. It's not important what it is except if your email server only allows local delivery.
    ## startup_check_address: test@authelia.com
    ## trusted_cert: ""
    ## disable_require_tls: false
    ## disable_verify_cert: false

Using Gmail

You need to generate an app password in order to use Gmail SMTP servers. The process is described here

notifier:
  smtp:
    username: myaccount@gmail.com
    # This secret can also be set using the env variables AUTHELIA_NOTIFIER_SMTP_PASSWORD
    password: yourapppassword
    sender: admin@example.com
    host: smtp.gmail.com
    port: 587