Endpoint DLP Plus has an option to send notifications by email. To send these email, the mail server has to be configured. Mail Server Settings can be configured in two ways:
OAuth is a standard authorization protocol that uses web tokens instead of passwords to allow delegated access to a protected resource. OAuth allows limited access to the users data, that is, the ability to share data for users without disclosing personal information. Therefore, we can choose to configure using OAuth authentication for sending mails from Endpoint DLP Plus server securely.
To configure OAuth Authentication,
Navigate to Admin tab->Mail Server Settings.
Choose OAuth under authentication type.
Specify the name and port of the mail server.
Provide the name of the sender, along with the sender's mail address and a test mail address.
Choose the email type. (Note: SMTPS is recommended since the connection to the mail server is encrypted.
Enable TLS if required.
Obtain Client ID, Client Secret, Authorize URL, Access Token URL and Scope from the authorization server using the Redirect URL.
You may choose to connect to the authorization server using a proxy if required.
Click Save. The user consent window of the mail server pops up.
Enter your login credentials and consent to the permissions requested.
You have configured OAuth authentication for mail server successfully.
Click the Admin tab to invoke the Admin page.
Under Server Settings, click the Mail Server Settings link.
Specify the name and port of the mail server.
Email Type : Indicates the type of mail email despatching (For example: SMTP, SMTPS).
TLS Enabled : Option to enable Transport Layer Security (TLS).
If it requires authentication, select the Requires Authentication check box and specify the user name and password.
Click Save to save the configuration.
Google and Microsoft will soon withdraw basic authentication support for mail servers by 30 May 2022 and 1 October 2022, respectively. Therefore, it is advisable for users to switch to OAuth authentication.
We have tested OAuth authentication with Microsoft Outlook(office365) and Gmail(Gsuite).
Yes. You can configure OAuth for an existing account.
Redirect URL or Reply URL is the URL to which the Authorization Server sends confidential response data. Copy-paste the Redirect URL to the application details in the Authorization Server and save it.
Check if you have added the application server's redirect URL to your authorization server's list of redirect URLs. Ensure that you have saved the settings.
When your access token gets expired, a new access token will be automatically generated using the refresh token.
For more details on configuring mail server settings using Gmail Account, visit this page.
To learn more about configuring Office 365 in mail server settings, click here.