CSAT Pro Email Configuration
Product Name
CIS CSAT Pro - SecureSuite CIS Controls Self Assessment Tool
Product Version
v1.10.0+
Date
Jan 31, 2024
Problem
I forgot my password OR I need a One-Time Password (OTP) for MFA OR I’m not receiving Safeguard workflow messages. How do I configure email to receive these messages?
Overview
CSAT Pro email configuration is optional, however, if you want to use OTP, MFA, or Safeguard workflow messages, then it must be configured
CSAT Pro utilizes the Grails mail plugin for email communication
The plugin assumes by default an unsecured mail server configured at
localhost
onport 25
To support SMTP services, such as Gmail, Hotmail, Amazon SES, or in-house SMTP services like Microsoft Exchange, go to the “Advanced Mail Settings” section to configure those services
Requirements
Must be able to connect to and utilize a valid SMTP server in order to send email messages
In order for the application to access the SMTP server, port 25 (default), 465 or 587 (depends on your email configuration) needs to be included as an outbound rule
Please follow this guidance on port usage: “Use port 587 if you can, 465 if you can’t, and 25 if you must.”
Solution 1
The first opportunity users have to configure email is when running the CSAT Pro installer. Here is some information on the fields:
Host/SMTP - the host name of the email server
Port - 587, 465, or 25
Username - enter an email address that is used as a username
Password - the password of the email address listed in username
Default Sender Email Address - the email address used for sending the emails
For the optional “Advanced Settings” section, click on “Advanced Settings” for the section to appear. The question marks on the side of each setting provides additional information that helps fill out the settings.
mail.smtp.auth
- If set to true, it attempts are made to authenticate the user using the AUTH command. Defaults to false.mail.smtp.socketFactory.port
- Specifies the port to connect to when using the specified socket factory. If not set, the default port will be used.mail.smtp.socketFactory.class
- If set, specifies the name of a class that implements thejavax.net.SocketFactory
interface. This class will be used to create SMTP sockets.mail.smtp.socketFactory.fallback
- If set to true, failure to create a socket using the specified socket factory class will cause the socket to be created using the java.net.Socket class. Defaults to true.mail.smtp.starttls.enable
- If set to true, enables the use of the STARTTLS command (if supported by the server) to switch the connection to a TLS-protected connection before issuing any login commands. Note that an appropriate trust store must be configured so that the client will trust the server’s certificate. Defaults to false.
Solution 2
If you have already run the CSAT Pro installer and would like to edit the mail configuration later on, then go to \(CSAT directory)\CSAT_Pro\conf
and open the csat-config.yml
file with the text editor of your choice. Once opened, edit the host
, port
, username
, password
, and from
lines with your organization’s information.
If you are editing the csat-config.yml
file manually, you may run into issues encrypting the password. In that scenario, run the CSAT Pro installer again by selecting “No, install into a different directory.”
The following screenshot is an example of what a basic configuration might look like:
For more information on the CSAT Pro installation process please see the Quick Start Guide for CSAT Pro installations.
Troubleshooting
If you have configured email in one of the two ways mentioned above, but you are still not receiving emails, then please send us your csat-config.yml
file. Please see the resources for further assistance:
https://cisecurity.atlassian.net/servicedesk/customer/portal/15/article/2457927714
https://cisecurity.atlassian.net/servicedesk/customer/portal/15/article/2110914728
CSAT Pro Deployment Guide - CIS Controls Self Assessment Tool Document Library
Keywords; CSAT Pro email configuration SMTP SMTPS MFA
Content by Label