authelia/docs/configuration/notifier/smtp.md

---
layout: default
title: SMTP
parent: Notifier
grand_parent: Configuration
nav_order: 2
---

# SMTP

**Authelia** can send emails to users through an SMTP server.
It can be configured as described below.

```yaml
# Configuration of the notification system.
#
# Notifications are sent to users when they require a password reset, a u2f
# registration or a TOTP registration.
# Use only an available configuration: filesystem, smtp.
notifier:
  # You can disable the notifier startup check by setting this to true.
  disable_startup_check: false

  # For testing purpose, notifications can be sent in a file.
  ## filesystem:
  ##   filename: /tmp/authelia/notification.txt

  # Use a SMTP server for sending notifications. Authelia uses PLAIN or LOGIN method to authenticate.
  # [Security] By default Authelia will:
  #   - force all SMTP connections over TLS including unauthenticated connections
  #      - use the disable_require_tls boolean value to disable this requirement (only works for unauthenticated connections)
  #   - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
  #     - trusted_cert option:
  #       - this is a string value, that may specify the path of a PEM format cert, it is completely optional
  #       - if it is not set, a blank string, or an invalid path; will still trust the host machine/containers cert store
  #     - defaults to the host machine (or docker container's) trusted certificate chain for validation
  #     - use the trusted_cert string value to specify the path of a PEM format public cert to trust in addition to the hosts trusted certificates
  #     - use the disable_verify_cert boolean value to disable the validation (prefer the trusted_cert option as it's more secure)
  smtp:
    username: test
    # Password can also be set using a secret: https://docs.authelia.com/configuration/secrets.html
    password: password
    host: 127.0.0.1
    port: 1025
    sender: admin@example.com
    # Subject configuration of the emails sent.
    # {title} is replaced by the text from the notifier
    subject: "[Authelia] {title}"
    # This address is used during the startup check to verify the email configuration is correct. It's not important what it is except if your email server only allows local delivery.
    ## startup_check_address: test@authelia.com
    ## trusted_cert: ""
    ## disable_require_tls: false
    ## disable_verify_cert: false
```

## Using Gmail

You need to generate an app password in order to use Gmail SMTP servers. The process is
described [here](https://support.google.com/accounts/answer/185833?hl=en)

```yaml
notifier:
  smtp:
    username: myaccount@gmail.com
    # Password can also be set using a secret: https://docs.authelia.com/configuration/secrets.html
    password: yourapppassword
    sender: admin@example.com
    host: smtp.gmail.com
    port: 587
```

## Loading a password from a secret instead of inside the configuration

Password can also be defined using a [secret](../secrets.md).
[DOCS] Bootstrap new documentation website based on just-the-docs (#659) 2020-02-29 00:43:59 +00:00			`---`
			`layout: default`
			`title: SMTP`
			`parent: Notifier`
			`grand_parent: Configuration`
			`nav_order: 2`
			`---`

			`# SMTP`

			`Authelia can send emails to users through an SMTP server.`
			`It can be configured as described below.`

			```yaml
[FEATURE] Customizable Email Subject (#830) * [FEATURE] Customizable Email Subject * allow users to optionally change email subject * this is so they can more easily communicate the source of the email * Update docs/configuration/notifier/smtp.md Co-Authored-By: Amir Zarrinkafsh <nightah@me.com> Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2020-04-09 00:21:28 +00:00			`# Configuration of the notification system.`
			`#`
			`# Notifications are sent to users when they require a password reset, a u2f`
			`# registration or a TOTP registration.`
[FEATURE] Notifier Startup Checks (#889) * implement SMTP notifier startup check * check dial, starttls, auth, mail from, rcpt to, reset, and quit * log the error on failure * implement mock * misc optimizations, adjustments, and refactoring * implement validate_skip config option * fix comments to end with period * fix suites that used smtp notifier without a smtp container * add docs * add file notifier startup check * move file mode into const.go * disable gosec linting on insecureskipverify since it's intended, warned, and discouraged * minor PR commentary adjustment * apply suggestions from code review Co-Authored-By: Amir Zarrinkafsh <nightah@me.com> 2020-04-21 04:59:38 +00:00			`# Use only an available configuration: filesystem, smtp.`
[DOCS] Bootstrap new documentation website based on just-the-docs (#659) 2020-02-29 00:43:59 +00:00			`notifier:`
[FEATURE] Notifier Startup Checks (#889) * implement SMTP notifier startup check * check dial, starttls, auth, mail from, rcpt to, reset, and quit * log the error on failure * implement mock * misc optimizations, adjustments, and refactoring * implement validate_skip config option * fix comments to end with period * fix suites that used smtp notifier without a smtp container * add docs * add file notifier startup check * move file mode into const.go * disable gosec linting on insecureskipverify since it's intended, warned, and discouraged * minor PR commentary adjustment * apply suggestions from code review Co-Authored-By: Amir Zarrinkafsh <nightah@me.com> 2020-04-21 04:59:38 +00:00			`# You can disable the notifier startup check by setting this to true.`
			`disable_startup_check: false`

			`# For testing purpose, notifications can be sent in a file.`
[FEATURE] Customizable Email Subject (#830) * [FEATURE] Customizable Email Subject * allow users to optionally change email subject * this is so they can more easily communicate the source of the email * Update docs/configuration/notifier/smtp.md Co-Authored-By: Amir Zarrinkafsh <nightah@me.com> Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2020-04-09 00:21:28 +00:00			`## filesystem:`
			`## filename: /tmp/authelia/notification.txt`

[DOCS] Bootstrap new documentation website based on just-the-docs (#659) 2020-02-29 00:43:59 +00:00			`# Use a SMTP server for sending notifications. Authelia uses PLAIN or LOGIN method to authenticate.`
			`# [Security] By default Authelia will:`
			`# - force all SMTP connections over TLS including unauthenticated connections`
			`# - use the disable_require_tls boolean value to disable this requirement (only works for unauthenticated connections)`
			`# - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates`
			`# - trusted_cert option:`
			`# - this is a string value, that may specify the path of a PEM format cert, it is completely optional`
			`# - if it is not set, a blank string, or an invalid path; will still trust the host machine/containers cert store`
			`# - defaults to the host machine (or docker container's) trusted certificate chain for validation`
			`# - use the trusted_cert string value to specify the path of a PEM format public cert to trust in addition to the hosts trusted certificates`
			`# - use the disable_verify_cert boolean value to disable the validation (prefer the trusted_cert option as it's more secure)`
			`smtp:`
			`username: test`
[FEATURE] File Secrets (#896) * [FEATURE] File Secret Loading * add a validator for secrets * run the secrets validator before the main config validator * only allow a secret to be defined in one of: config, env, file env * remove LF if found in file * update configuration before main config validation * fix unit tests * implement secret testing * refactor the secrets validator * make check os agnostic * update docs * add warning when user attempts to use ENV instead of ENV file * discourage ENV in docs * update config template * oxford comma * apply suggestions from code review * rename Validate to ValidateConfiguration * add k8s example * add deprecation notice in docs and warning * style changes 2020-04-23 01:11:32 +00:00			`# Password can also be set using a secret: https://docs.authelia.com/configuration/secrets.html`
[DOCS] Bootstrap new documentation website based on just-the-docs (#659) 2020-02-29 00:43:59 +00:00			`password: password`
			`host: 127.0.0.1`
			`port: 1025`
			`sender: admin@example.com`
[FEATURE] Customizable Email Subject (#830) * [FEATURE] Customizable Email Subject * allow users to optionally change email subject * this is so they can more easily communicate the source of the email * Update docs/configuration/notifier/smtp.md Co-Authored-By: Amir Zarrinkafsh <nightah@me.com> Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2020-04-09 00:21:28 +00:00			`# Subject configuration of the emails sent.`
			`# {title} is replaced by the text from the notifier`
			`subject: "[Authelia] {title}"`
[FEATURE] Notifier Startup Checks (#889) * implement SMTP notifier startup check * check dial, starttls, auth, mail from, rcpt to, reset, and quit * log the error on failure * implement mock * misc optimizations, adjustments, and refactoring * implement validate_skip config option * fix comments to end with period * fix suites that used smtp notifier without a smtp container * add docs * add file notifier startup check * move file mode into const.go * disable gosec linting on insecureskipverify since it's intended, warned, and discouraged * minor PR commentary adjustment * apply suggestions from code review Co-Authored-By: Amir Zarrinkafsh <nightah@me.com> 2020-04-21 04:59:38 +00:00			`# This address is used during the startup check to verify the email configuration is correct. It's not important what it is except if your email server only allows local delivery.`
			`## startup_check_address: test@authelia.com`
			`## trusted_cert: ""`
[DOCS] Bootstrap new documentation website based on just-the-docs (#659) 2020-02-29 00:43:59 +00:00			`## disable_require_tls: false`
			`## disable_verify_cert: false`
			```

[BUGFIX] Add jekyll dependency in Gemfile. (#660) * [BUGFIX] Add jekyll dependency in Gemfile. * [Buildkite] Optimise documentation sync step * [DOC] Fix merge conflict for index.md * [DOC] Fix formatting issues 2020-02-29 05:15:03 +00:00			`## Using Gmail`
[DOCS] Bootstrap new documentation website based on just-the-docs (#659) 2020-02-29 00:43:59 +00:00
			`You need to generate an app password in order to use Gmail SMTP servers. The process is`
			`described [here](https://support.google.com/accounts/answer/185833?hl=en)`

			```yaml
			`notifier:`
[DOCS] Adjust yaml snippets and misc adjustments (#855) * [DOCS] Adjust yaml snippets * use two spaces * use yaml syntax highlighting * other misc uniformity changes * fix misc grammar * add responsible disclosure link Co-Authored-By: Amir Zarrinkafsh <nightah@me.com> 2020-04-11 04:46:07 +00:00			`smtp:`
			`username: myaccount@gmail.com`
[FEATURE] File Secrets (#896) * [FEATURE] File Secret Loading * add a validator for secrets * run the secrets validator before the main config validator * only allow a secret to be defined in one of: config, env, file env * remove LF if found in file * update configuration before main config validation * fix unit tests * implement secret testing * refactor the secrets validator * make check os agnostic * update docs * add warning when user attempts to use ENV instead of ENV file * discourage ENV in docs * update config template * oxford comma * apply suggestions from code review * rename Validate to ValidateConfiguration * add k8s example * add deprecation notice in docs and warning * style changes 2020-04-23 01:11:32 +00:00			`# Password can also be set using a secret: https://docs.authelia.com/configuration/secrets.html`
[DOCS] Adjust yaml snippets and misc adjustments (#855) * [DOCS] Adjust yaml snippets * use two spaces * use yaml syntax highlighting * other misc uniformity changes * fix misc grammar * add responsible disclosure link Co-Authored-By: Amir Zarrinkafsh <nightah@me.com> 2020-04-11 04:46:07 +00:00			`password: yourapppassword`
			`sender: admin@example.com`
			`host: smtp.gmail.com`
			`port: 587`
[FEATURE] Customizable Email Subject (#830) * [FEATURE] Customizable Email Subject * allow users to optionally change email subject * this is so they can more easily communicate the source of the email * Update docs/configuration/notifier/smtp.md Co-Authored-By: Amir Zarrinkafsh <nightah@me.com> Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2020-04-09 00:21:28 +00:00			```
[FEATURE] File Secrets (#896) * [FEATURE] File Secret Loading * add a validator for secrets * run the secrets validator before the main config validator * only allow a secret to be defined in one of: config, env, file env * remove LF if found in file * update configuration before main config validation * fix unit tests * implement secret testing * refactor the secrets validator * make check os agnostic * update docs * add warning when user attempts to use ENV instead of ENV file * discourage ENV in docs * update config template * oxford comma * apply suggestions from code review * rename Validate to ValidateConfiguration * add k8s example * add deprecation notice in docs and warning * style changes 2020-04-23 01:11:32 +00:00
			`## Loading a password from a secret instead of inside the configuration`

			`Password can also be defined using a [secret](../secrets.md).`