How to use an Encrypted SMTP Server on an Omada SDN Controller

Simple Mail Transfer Protocol (SMTP) is used for e-mail transmission. The original SMTP used plain text to transmit email, which was insecure. Various methods have been developed to encrypt SMTP data, such as TLS, SSL, and STARTTLS.

1. TLS/SSL Encryption.

TLS and SSL protocols are widely used for encryption. The SMTP server and client create a TLS or SSL encrypted connection, then transmit SMTP data over the secure connection. Well-known E-mail service providers that use this method include Gmail, Yahoo, etc.

The following is the configuration interface for mail server settings. You need to fill in the SMTP server address and SMTP service port. Depending to the requirement of your email service, you may need to enable SSL and authentication, then fill in the username and password of your mailbox.

Gmail is used as an example in this case to highlight the configuration.

SMTP: smtp.gmail.com

Port: 465

SSL: Checked

Authentication: Checked

Username: Your Gmail address (we use tplinksmb.fae@gmail.com as an example in this case)

Password: Gmail app password

Sender Address: Your Gmail address

Note: To configure the mail server successfully, we need to make sure the third-party mail server already supports SMTP service and allows us to log in. Take Gmail for example:

1. Gmail enables SMTP service by default but cannot directly log in. We need to set app password for Gmail then uses this password on the Omada controller to log in. For more information about how to configure the app password for Gmail, you can refer to https://support.google.com/accounts/answer/185833?hl=en
2. Gmail may restrict the location of the application accessing the Gmail account. If the Omada Controller is located in another Country or geographical location that is far from the location where you live and routinely access Gmail daily, you may need to open the browser on the PC in the Omada Controller website and log into Gmail. Doing so will effectively confirm with Gmail that the Omada Controller/OC200/OC300 and its IP Address belongs to you, and it will allow you to send emails through your application.

Different email services may have different methods to support third-party access. You need to configure this function based on your mailbox.

You can send a test email to one of your other mailboxes. If the mail server was correctly configured, you will receive a “succeeded” message just like the one above. Otherwise, you will receive a “failed” message.

2. STARTTLS Encryption.

With STARTTLS, SMTP servers and clients can choose to upgrade their existing unsecure connections into secure connections, using either TLS or SSL protocols. Omada SDN Controllers support STARTTLS, beginning with version 5.0. The E-mail service providers using this method include Microsoft Outlook, Amazon SES, etc.

To use STARTTLS encrypted SMTP on Omada SDN Controller, enable SMTP and enter the configurations, please note that SSL should not be checked.

We use Outlook as an example in this case:

SMTP: smtp-mail.outlook.com

Port: 587

SSL: Unchecked

Authentication: Checked

Username: Outlook email address

Password: Outlook email password

Sender Address: Specify a sender email

Many well-known E-mail service providers, including the mentioned above, support multiple encryption methods. For a detailed SMTP configuration guide, please contact your E-mail service providers for assistance.