How to Configure System Email Notifications

Some services on the CloudGen Firewall can be configured to send email notifications. To send an email, you must configure an email server and select an appropriate authentication method.

As an option, when using an Exchange Server, you can also authenticate via the Azure Cloud using Entra. However, for this specific case, you must ensure that you have already configured an App, a Client ID, a Client Secret, and a Tenant ID in the Azure Cloud.

For more information, see How to use Azure Entra Authentication for MS-Exchange in Office365Preview.

Services Using System Email Notifications

• Virus Scanning service

• Advanced Threat Protection (ATP)

• Events

Configure Email Notification

1. Go to CONFIGURATION > Configuration Tree  > Box > Administrative Settings.

2. Click Lock.

3. In the left menu, select Notifications.

4. For Sender Address, enter the email address to which to send the email.

5. For Notification Address, enter the address where all email notifications should be sent.

6. In the SMTP Server field, enter the hostname or IP address of the SMTP server that should be used when sending email notifications.

7. The SMTP Port is the port that the SMTP server uses to send notifications. This field is already preset with the default value of 25. You can change this value to match your requirements.

8. For the Authentication Method, select one of the following options:

   • None – No authentication scheme will be used.

   • Plain – User and password will be transferred to the mail server in a common string which is BASE64 encoded and unencrypted.

   • Login – User and password will be transferred to the mail server in two separate strings where each one is BASE64 encoded and unencrypted.

   • Cram-MD5 – CRAM-MD5 is challenge-response authentication mechanism based on the HMAC-MD5 algorithm.

   • Digest-MD5 – Digest-MD5 is a cryptographic hash-function that creates a 128 bit hash.

   • Entra ID – Authentication will be done via Azure Cloud authentication using Entra.
     When selecting Entra ID, the data entered for credential information is forwarded to Entra using Client ID, Client Secret, and Tenant ID.

9. (Option #1, non Azure Cloud authentication): Configure authentication credentials for the SMTP server:

   • SMTP User – Enter the username.

   • SMTP Password – Enter the password for the SMTP server.

10. (Option #2, Azure Cloud authentication): Configure the authentication credentials for Entra:

    • Client ID – Enter the Client ID for authenticating via Entra. This is the ID which you must have created according to the article https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth#add-the-pop-imap-or-smtp-permissions-to-your-microsoft-entra-application, Pt. 1.

    • Client Secret – Enter the password for authenticating via Entra. This is the secret which you must have created according to the article https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth#add-the-pop-imap-or-smtp-permissions-to-your-microsoft-entra-application, Pt. 2.

    • Tenant ID – Enter the Tenant ID provided through the configuration from the Azure Cloud.

11. (optional) If you want your notifications to be sent encrypted, select the check box STARTTLS or SMTPS.
    The evaluation is done in all fields regardless of whether STARTTLS and/or SMTPS or none of these are activated. SMTP Port is not evaluated if SMTP Server already includes the port number.
    STARTTLS tries to establish an encrypted connection, and if this fails, an unencrypted connection is used. SMTPS enforces an encrypted connection and refuses any unencrypted connection.  SMTPS uses port 465.
    
    
    

    Open

    

     

    • Example for O365

      • For SMTP Port, enter 587.

      • For Authentication Method, enter Login.

      • Activate the check box for STARTTLS.

12. (optional) If you want to test your configuration, click the button Notification Test.

    • Check your email account. If the message has been sent successfully to the configured mail server, you will see a mail with the following attributes:

    • Subject text – Test Notification.

    • Message content – Testing the Notification.

13. Click Send Changes and Activate.

All services that are configured to send notifications will now send emails to the specified address if required.