Title here
Summary here
SMTP
Configuration
This section is intended as an example configuration to help users with a rough contextual layout of this configuration section, it is not intended to explain the options.
The configuration shown may not be a valid configuration, and you should see the options section below and the navigation links to properly understand each option individually.
notifier:
disable_startup_check: false
smtp:
address: 'smtp://127.0.0.1:25'
timeout: '5s'
username: 'test'
password: 'password'
sender: "Authelia <admin@example.com>"
identifier: 'localhost'
subject: "[Authelia] {title}"
startup_check_address: 'test@authelia.com'
disable_require_tls: false
disable_starttls: false
disable_html_emails: false
tls:
server_name: 'smtp.example.com'
skip_verify: false
minimum_version: 'TLS1.2'
maximum_version: 'TLS1.3'
certificate_chain: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
private_key: |
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY----- Options
This section describes the individual configuration options.
address
Reference Note: This configuration option uses a common syntax. For more information please see both the configuration example and the Common Syntax: Address reference guide.
Configures the address for the SMTP Server. The address itself is a connector and the scheme must be smtp,
submission, or submissions. The only difference between these schemes are the default ports and submissions
requires a TLS transport per SMTP Ports Security Measures, whereas submission and smtp
use a standard TCP transport and typically enforce StartTLS.
Examples:
notifier:
smtp:
address: 'smtp://127.0.0.1:25'notifier:
smtp:
address: 'submissions://[fd00:1111:2222:3333::1]:465'timeout
Reference Note: This configuration option uses a common syntax. For more information please see both the configuration example and the Common Syntax: Duration reference guide.
The SMTP connection timeout.
username
string
not required
The username sent for authentication with the SMTP server. Paired with the password.
password
string
not required
Important Note: This can also be defined using a secret which is strongly recommended especially for containerized deployments.
The password paired with the username sent for authentication with the SMTP server.
It’s strongly recommended this is a Random Alphanumeric String with 64 or more characters and the user password is changed to this value.
sender
string
required
The sender is used to construct both the SMTP command MAIL FROM and to add the FROM header. This address must be
in RFC5322 format. This means it must one of two formats:
jsmith@domain.comJohn Smith <jsmith@domain.com>
The MAIL FROM command sent to SMTP servers will not include the name portion, this is only set in the FROM as per
specifications.
identifier
string
localhost
not required
The name to send to the SMTP server as the identifier with the HELO/EHLO command. Some SMTP providers like Google Mail reject the message if it’s localhost.
subject
string
[Authelia] {title}
not required
This is the subject Authelia will use in the email, it has a single placeholder at present {title} which should
be included in all emails as it is the internal descriptor for the contents of the email.
startup_check_address
string
test@authelia.com
not required
Authelia checks the SMTP server is valid at startup, one of the checks requires we ask the SMTP server if it can send an email from us to a specific address, this is that address. No email is actually sent in the process. It is fine to leave this as is, but you can customize it if you have issues or you desire to.
disable_require_tls
boolean
false
not required
For security reasons the default settings for Authelia require the SMTP connection is encrypted by TLS. See [security] for more information. This option disables this measure (not recommended).
disable_starttls
boolean
false
not required
Some SMTP servers ignore SMTP specifications and claim to support STARTTLS when they in fact do not. For security reasons Authelia refuses to send messages to these servers. This option disables this measure and is enabled AT YOUR OWN RISK. It’s strongly recommended that instead of enabling this option you either fix the issue with the SMTP server’s configuration or have the administrators of the server fix it. If the issue can’t be fixed via the SMTP server configuration we recommend lodging an issue with the authors of the SMTP server.
See [security] for more information.
disable_html_emails
boolean
false
not required
This setting completely disables HTML formatting of emails and only sends text emails. Authelia by default sends mixed emails which contain both HTML and text so this option is rarely necessary.
tls
Reference Note: This configuration option uses a common structure. For more information please see both the configuration example and the Common Structure: TLS reference guide.
Controls the TLS connection validation parameters for either StartTLS or the TLS socket.
Using Gmail
You need to generate an app password in order to use Gmail SMTP servers. The process is described here.
notifier:
smtp:
username: 'myaccount@gmail.com'
# Password can also be set using a secret: https://www.authelia.com/configuration/methods/secrets/
password: 'yourapppassword'
sender: 'admin@example.com'
host: 'smtp.gmail.com'
port: 587Prev
Notifications
Next
File System