Graylog Mail setup with relay server

Hello,

I am trying to setup our Graylog server to sent notification without any authentication as we can spare an O365 License. We have a relay server and I would like to make use of that. but I can’t get it work without credentials. Can someone please guide me on the setup.

Thanks,

Try to use for example local postfix forwarding to office365 with credentials. Google for: postfix relay office365

Its working with credentials(I do not wish to allocate a user license for this), I need to get alert from it using the internal relay server without authentication.

Check this article how to send mails from device or own mail relay to office365.


You can either use direct mail method or smtp relay.

1 Like

we already have a smtp relay setup in our environment, and its working fine with other application but not with graylog.

transport_email_use_tls = false (This works find with other application and works find when i use the authentication credentials in graylog.)

I please find the mail config in server.conf

Email transport

transport_email_enabled = true
transport_email_hostname = smtp.XXXXXXXX.net
transport_email_port = 25
transport_email_use_auth = false
transport_email_use_tls = false
transport_email_use_ssl = false
transport_email_auth_username = you@example.com
transport_email_auth_password = secret
transport_email_subject_prefix = [graylog]
transport_email_from_email = hXXlog@XXXXXXXX.com
transport_email_web_interface_url = https://hXXlog.XXXXXXX.net

I need know if there is any way i can get it to work without authentication using smtp relay.

I don’t use authentication to smtp relay and works fine in graylog 3.1.3. I use postfix with STARTTLS support as smtp relay and it works fine. I have setup these parameters:

transport_email_enabled = true
transport_email_hostname = mail.domain.com
transport_email_port = 25
transport_email_use_auth = false
transport_email_subject_prefix = [graylog]
transport_email_from_email = graylog@domain.com
transport_email_use_tls = true

If I were you, I would check:

  1. Check your smtp relay logs, if there is something…
  2. Check if your smtp relay support STARTTLS. Connect to smtp relay from graylog using telnet commands:

telnet mail.domain.com 25
EHLO graylog

Check if you find line: 250-STARTTLS. If yes, you can enable: transport_email_use_tls = true
Another check would be to connect using startls using openssl if you connect correctly:

openssl s_client -connect mail.domain.com:25 -starttls smtp
  1. If no, your smtp relay probably supports only SMTPS, try use transport_email_use_ssl = true.
  2. Check if you setup correct parameter transport_email_from_email, if your smtp relay allow this email address as a sender (i see you use .com in this parameter and .net on another, is it correct?)
  3. Check if you smtp relay doesn’t require full hostname as HELO parameter, because graylog use only graylog as helo.
1 Like

Finally I was able to find the cause and fix it, this was a firewall rule Issue from our side.
Without you help I would have not have fixed it.
Thanks a lot shoothub! :grinning: :+1: :handshake:

The guide you provided about a relay this also help me out in configuring the TLS settings on relay.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.