How to configure email notifications Office365

Background

I am configuring email notifications with Graylog and after reading through the docs I finally found the configuration settings regarding the SMTP service we use. But I still have issues.

Research

Before attempting to set up the email notifications I read the following docs:

Perhaps for someone experienced in setting up such services the above information is more than enough. For me, not so much …

Problem

However, we are still not getting anything because we have a constant error.

The Graylog server encountered an error while trying to send an email. This is the detailed error message: org.apache.commons.mail.EmailException: Sending the email to the following server failed : smtp.office365.com:587 (javax.mail.MessagingException: Could not connect to SMTP host: smtp.office365.com, port: 587; nested exception is: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?)

Now, I understand that this error is a miss configuration from my side, no questions about that. After reading several discussions in the forum about setting email configs, this is the configuration I have now, but I am still not sure about some feilds:

# Email transport
transport_email_enabled = true
transport_email_hostname = smtp.office365.com
transport_email_port = 587
transport_email_use_auth = true
transport_email_use_tls = true
transport_email_use_ssl = true
transport_email_auth_username = noreply@company.me
transport_email_auth_password = noReplyPass
transport_email_subject_prefix = [graylog]
transport_email_from_email = graylog@example.com

According to the Outlook configuration settings I know at least the hostname and port are OK. I am not so sure about the rest:

Server name: smtp.office365.com
Port: 587
Encryption method: STARTTLS

STARTTLS upgrades unsecure connections to SSL / TLS, I know that I need to pick at least SSL to connect send an email.

The error above is with the SSL connection, but I have other questions as well.

Questions

  1. Do I need transport_email_auth_username and transport_email_auth_password? What are they used for?
  2. Do I need to use HTTPS to send and receive e-mails because of the SSL requirement? ( I am guessing that yes I need but a confirmation would be nice )

Thanks for the help!

This configuration setting expects the SMTP server to offer SMTP over SSL (SMTPS) but Office365 offers SSMTP (SMTP on submission port 587/tcp with optional connection upgrade with STARTTLS).

See also:

Yes. They are the credentials for the SMTP service. Without those, the SMTP service won’t allow you to send emails.

No, HTTPS and SMTP/SSMTP/SMTPS have nothing to do with each other.

mmm, interesting. So I take it that transport_email_use_ssl should be false and transport_email_use_tls = true should remain as is.

Good!
Now, after trying this configuration, I got one step closer to being able to send e-mails. I do however, have another error:

The Graylog server encountered an error while trying to send an email. This is the detailed error message: org.apache.commons.mail.EmailException: Sending the email to the following server failed : smtp.office365.com:587 (com.sun.mail.smtp.SMTPSendFailedException: 550 5.7.60 SMTP; Client does not have permissions to send as this sender [DB7PR05MB4380.eurprd05.prod.outlook.com] )

Which is interesting. I take it that from this message and from this post, my correct setup should be:

# Email transport
transport_email_enabled = true
transport_email_hostname = smtp.office365.com
transport_email_port = 587
transport_email_use_auth = true
transport_email_use_tls = true
transport_email_use_ssl = false
transport_email_auth_username = noreply@company.me
transport_email_auth_password = noReplyPass
transport_email_subject_prefix = [graylog]
transport_email_from_email = noreply@company.me

I keep finding posts that give me the impression some field is not being properly set:

But It is still failing. Is there any other configuration setting I am missing in Graylog?

Nope, that should suffice given that:

  • The user (“noreply@company.me”) has permission to send emails from the email address configured in transport_email_from_email.
  • The user (“noreply@company.me”) has permission to send emails from the email address configured in the email alarm callback.

Wooow, absolutely amazing.
That little detail completely missed me!

Everything works now, thanks !

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.