CSAT Pro Email Configuration

Problem

Overview

• CSAT Pro email configuration is optional, however, if you want to use OTP, MFA, or Safeguard workflow messages, then it must be configured

• CSAT Pro utilizes the Grails mail plugin for email communication

• The plugin assumes by default an unsecured mail server configured at localhost on port 25

• To support SMTP services, such as Gmail, Hotmail, Amazon SES, or in-house SMTP services like Microsoft Exchange, go to the “Advanced Mail Settings” section to configure those services

Requirements

• Must be able to connect to and utilize a valid SMTP server in order to send email messages

• In order for the application to access the SMTP server, port 25 (default), 465 or 587 (depends on your email configuration) needs to be included as an outbound rule

• Please follow this guidance on port usage: “Use port 587 if you can, 465 if you can’t, and 25 if you must.”

Solution 1

The first opportunity users have to configure email is when running the CSAT Pro installer. Here is some information on the fields:

• Host/SMTP - the host name of the email server

• Port - 587, 465, or 25

• Username - enter an email address that is used as a username

• Password - the password of the email address listed in username

• Default Sender Email Address - the email address used for sending the emails

Open

Screenshot of the Email Configuration step in the CSAT Pro installer

For the optional “Advanced Settings” section, click on “Advanced Settings” for the section to appear. The question marks on the side of each setting provides additional information that helps fill out the settings.

• mail.smtp.auth - If set to true, it attempts are made to authenticate the user using the AUTH command. Defaults to false.

• mail.smtp.socketFactory.port - Specifies the port to connect to when using the specified socket factory. If not set, the default port will be used.

• mail.smtp.socketFactory.class - If set, specifies the name of a class that implements the javax.net.SocketFactory interface. This class will be used to create SMTP sockets.

• mail.smtp.socketFactory.fallback - If set to true, failure to create a socket using the specified socket factory class will cause the socket to be created using the java.net.Socket class. Defaults to true.

• mail.smtp.starttls.enable - If set to true, enables the use of the STARTTLS command (if supported by the server) to switch the connection to a TLS-protected connection before issuing any login commands. Note that an appropriate trust store must be configured so that the client will trust the server’s certificate. Defaults to false.

Open

Advanced Settings section

Solution 2

If you have already run the CSAT Pro installer and would like to edit the mail configuration later on, then go to \(CSAT directory)\CSAT_Pro\conf and open the csat-config.yml file with the text editor of your choice. Once opened, edit the host, port, username, password, and from lines with your organization’s information.

The following screenshot is an example of what a basic configuration might look like:

Troubleshooting

If you have configured email in one of the two ways mentioned above, but you are still not receiving emails, then please send us your csat-config.yml file. Please see the resources for further assistance:

• https://cisecurity.atlassian.net/servicedesk/customer/portal/15/article/2457927714

• https://cisecurity.atlassian.net/servicedesk/customer/portal/15/article/2110914728

• https://csat-pro.docs.cisecurity.org/en/stable/source/CSAT%20Pro%20Deployment/#email-configuration

Keywords; CSAT Pro email configuration SMTP SMTPS MFA

Content by Label