Fork me on GitHub Link Search Menu Expand Document Survey contribution
Help the team improve Authelia by taking this 10-second survey.

SMTP

Authelia can send emails to users through an SMTP server. It can be configured as described below.

Configuration

notifier:
  disable_startup_check: false
  smtp:
    host: 127.0.0.1
    port: 1025
    timeout: 5s
    username: test
    password: password
    sender: [email protected]
    identifier: localhost
    subject: "[Authelia] {title}"
    startup_check_address: [email protected]
    disable_require_tls: false
    disable_html_emails: false
    tls:
      server_name: smtp.example.com
      skip_verify: false
      minimum_version: TLS1.2

Options

host

type: integer

required: yes

The hostname of the SMTP server.

If utilising an IPv6 literal address it must be enclosed by square brackets and quoted:

host: "[fd00:1111:2222:3333::1]"

port

type: integer

required: yes

The port the SMTP service is listening on.

timeout

type: duration

default: 5s

required: no

The SMTP connection timeout.

username

type: string

required: no

The username sent for authentication with the SMTP server. Paired with the password.

password

type: string

required: no

The password sent for authentication with the SMTP server. Paired with the username. Can also be defined using a secret which is the recommended for containerized deployments.

sender

type: string

required: yes

The address sent in the FROM header for the email. Basically who the email appears to come from. It should be noted that some SMTP servers require the username provided to have access to send from the specific address listed here.

identifier

type: string

default: localhost

required: no

The name to send to the SMTP server as the identifier with the HELO/EHLO command. Some SMTP providers like Google Mail reject the message if it’s localhost.

subject

type: string

default: [Authelia] {title}

required: no

This is the subject Authelia will use in the email, it has a single placeholder at present {title} which should be included in all emails as it is the internal descriptor for the contents of the email.

startup_check_address

type: string

default: [email protected]

required: no

Authelia checks the SMTP server is valid at startup, one of the checks requires we ask the SMTP server if it can send an email from us to a specific address, this is that address. No email is actually sent in the process. It is fine to leave this as is, but you can customize it if you have issues or you desire to.

disable_require_tls

type: boolean

default: false

required: no

For security reasons the default settings for Authelia require the SMTP connection is encrypted by TLS. See [security] for more information. This option disables this measure (not recommended).

disable_html_emails

type: boolean

default: false

required: no

This setting completely disables HTML formatting of emails and only sends text emails. Authelia by default sends mixed emails which contain both HTML and text so this option is rarely necessary.

tls

Controls the TLS connection validation process. You can see how to configure the tls section here.

Using Gmail

You need to generate an app password in order to use Gmail SMTP servers. The process is described here

notifier:
  smtp:
    username: [email protected]
    # Password can also be set using a secret: https://www.authelia.com/docs/configuration/secrets.html
    password: yourapppassword
    sender: [email protected]
    host: smtp.gmail.com
    port: 587