Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 12 Current »


Product Name

CIS CSAT Pro - SecureSuite CIS Controls Self Assessment Tool

Product Version

v1.x.x

Date



Problem

I forgot my password OR I need a One-Time Password (OTP) for MFA OR I’m not receiving Safeguard workflow messages. How do I configure email to receive these messages?

Overview

  • CSAT Pro email configuration is optional, however, if you want to use OTP, MFA, or Safeguard workflow messages, then it must be configured

  • CSAT Pro utilizes the Grails mail plugin for email communication

  • The plugin assumes by default an unsecured mail server configured at localhost on port 25

  • To support SMTP services, such as Gmail, Hotmail, Amazon SES, or in-house SMTP services like Microsoft Exchange, go to the “Advanced Mail Settings” section to configure those services

Requirements

  • Must be able to connect to and utilize a valid SMTP server in order to send email messages

  • In order for the application to access the SMTP server, port 25 (default), 465 or 587 (depends on your email configuration) needs to be included as an outbound rule

  • Please follow this guidance on port usage: “Use port 587 if you can, 465 if you can’t, and 25 if you must.”

Solution 1

The first opportunity users have to configure email is when running the CSAT Pro installer. Here is some information on the fields:

  • Host/SMTP - the host name of the email server

  • Port - 587, 465, or 25

  • Username - enter an email address that is used as a username

  • Password - the password of the email address listed in username

  • Default Sender Email Address - the email address used for sending the emails

installer.PNG

For the optional “Advanced Settings” section, click on “Advanced Settings” for the section to appear. The question marks on the side of each setting provides additional information that helps fill out the settings.

  • mail.smtp.auth - If set to true, it attempts are made to authenticate the user using the AUTH command. Defaults to false.

  • mail.smtp.socketFactory.port - Specifies the port to connect to when using the specified socket factory. If not set, the default port will be used.

  • mail.smtp.socketFactory.class - If set, specifies the name of a class that implements the javax.net.SocketFactory interface. This class will be used to create SMTP sockets.

  • mail.smtp.socketFactory.fallback - If set to true, failure to create a socket using the specified socket factory class will cause the socket to be created using the java.net.Socket class. Defaults to true.

  • mail.smtp.starttls.enable - If set to true, enables the use of the STARTTLS command (if supported by the server) to switch the connection to a TLS-protected connection before issuing any login commands. Note that an appropriate trust store must be configured so that the client will trust the server’s certificate. Defaults to false.

Solution 2

If you have already run the CSAT Pro installer and would like to edit the mail configuration later on, then go to \(CSAT directory)\CSAT_Pro\conf and open the csat-config.yml file with the text editor of your choice. Once opened, edit the host, port, username, password, and from lines with your organization’s information.

If you are editing the csat-config.yml file manually, you may run into issues encrypting the password. In that scenario, run the CSAT Pro installer again by selecting “No, install into a different directory.”

The following screenshot is an example of what a basic configuration might look like:

config.PNG

For more information on the CSAT Pro installation process please see the Quick Start Guide for CSAT Pro installations.

Troubleshooting

If you have configured email in one of the two ways mentioned above, but you are still not receiving emails, then please send us your csat-config.yml file. Please see the resources for further assistance:

Keywords; CSAT Pro email configuration SMTP SMTPS MFA

Content by Label


Copyright © 2020

Center for Internet Security®


  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.