The Email tab allows you to configure email notifications for events.
In the Recipients (email addresses) field, specify the email addresses to which the application will send notifications. You can specify multiple addresses in this field, by separating them with semicolons.
In the SMTP servers field, specify mail server addresses, separating them with semicolons. You can use the following values:
- IPv4 or IPv6 address
- Windows network name (NetBIOS name) of the device
- DNS name of the SMTP server
In the SMTP server port field, specify the number of an SMTP server communication port. The default port number is 25.
If you enable the Use DNS MX lookup option, you can use several MX records of the IP addresses for the same DNS name of the SMTP server. The same DNS name may have several MX records with different values of priority of receiving email messages. Administration Server attempts to send email notifications to the SMTP server in ascending order of MX records priority. By default, this option is disabled.
If you enable the Use DNS MX lookup option and do not enable usage of TLS settings, we recommend that you use the DNSSEC settings on your server device as an additional measure of protection for sending email notifications.
Click the Settings link to define additional notification settings:
- Subject name (subject name of an email message)
- Sender email address
- ESMTP authentication settings
You have to specify an account for authentication on an SMTP server if the ESMTP authentication option is enabled for the SMTP server.
- TLS settings for the SMTP server:
You can select this option if you want to disable encryption of email messages.
- Use TLS if supported by SMTP server
You can select this option if you want to use a TLS connection to an SMTP server. If the SMTP server does not support TLS, Administration Server connects the SMTP server without using TLS.
- Always use TLS, check the server certificate for validity
You can select this option if you want to use TLS authentication settings. If the SMTP server does not support TLS, Administration Server cannot connect the SMTP server.
We recommend that you use this option for better protection of the connection with an SMTP server. If you select this option, you can set authentication settings for a TLS connection.
If you choose Always use TLS, check the server certificate for validity value, you can specify a certificate for authentication of the SMTP server and choose whether you want to enable communication through any version of TLS or only through TLS 1.2 or later versions. Also, you can specify a certificate for client authentication on the SMTP server.
You can specify TLS settings for an SMTP server:
- Browse for an SMTP server certificate file:
You can receive a file with the list of certificates from a trusted certification authority and upload the file to Administration Server. Kaspersky Security Center checks whether the certificate of an SMTP server is also signed by a trusted certification authority. Kaspersky Security Center cannot connect to an SMTP server if the certificate of the SMTP server is not received from a trusted certification authority.
- Browse for a client certificate file:
You can use a certificate that you received from any source, for example, from any trusted certification authority. You must specify the certificate and its private key by using one of the following certificate types:
You must specify a file with the certificate and a file with the private key. Both files do not depend on each other and the order of loading of the files is not significant. When both files are loaded, you must specify the password for decoding the private key. The password can have an empty value if the private key is not encoded.
You must upload a single file that contains the certificate and its private key. When the file is loaded, you must then specify the password for decoding the private key. The password can have an empty value if the private key is not encoded.
The Notification message field contains standard text with information about the event that the application sends when an event occurs. This text includes substitute parameters, such as event name, device name, and domain name. You can edit the message text by adding other substitute parameters with more relevant details of the event. The list of substitute parameters is available by clicking the button to the right of the field.
If the notification text contains a percent sign (%), you have to type it twice in a row to allow message sending. For example, "CPU load is 100%%".
Click the Configure numeric limit of notifications link to specify the maximum number of notifications that the application can send during the specified time interval.
Click the Send test message button to check if you have configured notifications properly. The application should send a test notification to the email addresses that you specified.