Changes

m
Line 81: Line 81:     
==EMail used as sender for automatic emails==
 
==EMail used as sender for automatic emails==
Set here the eMail that will be used by default by Dolibarr as eMail sender, if sender is not explicitly defined.
+
Set here the eMail that will be used by default by Dolibarr as eMail sender for automatic emails, if sender is not explicitly defined.
    
==Default sender email for manual sending==
 
==Default sender email for manual sending==
Line 94: Line 94:  
==Examples for common Mail server setup==
 
==Examples for common Mail server setup==
   −
This is some examples of values (for common email providers) to use to setup your emails with the SMTPs method and use the SMTP server of your email provider. Contact your email provider if it is not in this list or if you are not sure of which value to use to ask him the credentials (SMTP server, port, Use of TLS or not).
+
This is some examples of values (for common email providers) to use to setup your emails with the SMTPs method and use the SMTP server of your email provider. Contact your email provider if it is not in this list (or if you are not sure of which value to use) to ask him the credentials (SMTP server, port, Use of TLS or not).
   −
===Gmail (with login/pass or login/pass of application)===
+
===Gmail (with login and pass or application)===
    
*SMTP server: smtp.gmail.com
 
*SMTP server: smtp.gmail.com
 
*Port: 465
 
*Port: 465
 +
*Authentication method: Use a password (AUTH LOGIN)
 
*SMTP Username: Your Gmail login (xxx@gmail.com or xxx@yourdomain.com)
 
*SMTP Username: Your Gmail login (xxx@gmail.com or xxx@yourdomain.com)
*SMTP Password: A generated application password (not your GMail password, see later)
+
*SMTP Password: A generated application password, without the spaces (NOT your GMail password, see later)
 
*Use TLS (SSL) encrypt: yes
 
*Use TLS (SSL) encrypt: yes
 
*Use TLS (STARTTLS) encrypt: no
 
*Use TLS (STARTTLS) encrypt: no
Line 114: Line 115:     
Note: With this mode, all sent emails are automatically added into "Sent" folder of the '''main account'''. If your are a Gsuite user with several users/mailboxes, prefer to use the next method.
 
Note: With this mode, all sent emails are automatically added into "Sent" folder of the '''main account'''. If your are a Gsuite user with several users/mailboxes, prefer to use the next method.
 +
 +
===Gmail (with OAuth2)===
 +
 +
Enable the module OAuth2.
 +
Into OAUTH2 module setup, create an OAuth2 entry for Google provider with the 3 scopes:
 +
* gmail_full  (=https://mail.google.com/)  or https://www.googleapis.com/auth/gmail.readonly or https://www.googleapis.com/auth/gmail.modify)
 +
Go on the Tab Token Management to generate a token for this OAUth2 service.
 +
 +
Now, into the Home - Setup - Email must be
 +
*Email sending method: SMTPs
 +
*Server: smtp.gmail.com
 +
*Authentication method: OAUTH2
 +
*User name: Your Gmail login (xxx@gmail.com or xxx@yourdomain.com)
 +
*OAUTH2 authentication service: Choose the entry created in OAUth2 setup
 +
*Port: 587
 +
*Use TLS (SSL) encrypt: no
 +
*Use TLS (STARTTLS) encrypt: yes
    
===Gmail (with mode relay of Gmail with Google Workspace - GSuite)===
 
===Gmail (with mode relay of Gmail with Google Workspace - GSuite)===
 +
 +
If you are a Gsuite user with several users/mailboxes, this mode is required if you want to have each user having its sent mails automatically stored into its own "Sent" directory of Gmail.
    
*SMTP server: smtp-relay.gmail.com
 
*SMTP server: smtp-relay.gmail.com
 
*Port: 587  ''<small>(Note from Google doc: If you use TLS: 587, if you don't use TLS: 25, 465 or 587)</small>''
 
*Port: 587  ''<small>(Note from Google doc: If you use TLS: 587, if you don't use TLS: 25, 465 or 587)</small>''
 +
*Authentication method: Use a password (AUTH LOGIN)
 
*Use TLS: Depend on relay setup
 
*Use TLS: Depend on relay setup
 
*Login/Pass: Keep login/pass empty (Choice A). In such case, on your Google console for email, you must set "Allow some IP addresses only" and enter the public IP of your Dolibarr server (see later). Or (choice B) enter your GSuite email account and an "application" password that is not the password of your account but a second password generated from https://myaccount.google.com/security).
 
*Login/Pass: Keep login/pass empty (Choice A). In such case, on your Google console for email, you must set "Allow some IP addresses only" and enter the public IP of your Dolibarr server (see later). Or (choice B) enter your GSuite email account and an "application" password that is not the password of your account but a second password generated from https://myaccount.google.com/security).
   −
Note 1: You must first setup your Google account to relay outgoing email and to set the list of ip of your SMTP clients (https://admin.google.com, Application - GSuite - GMail - Advanced setup - Routing). Then choose "Accept all emails from my domain" or "Accept all", Choose "Enable TLS" and choose "SMTP authentication required" to no (Choice A) or yes (Choice B).
+
Note 1: You must first setup your Google account to relay outgoing email and to set the list of ip of your SMTP clients (https://admin.google.com, Apps/Application - GMail - Routing - SMTP Relay service). Then choose "Accept all emails from my domain" or "Accept all", Choose "Enable TLS" and choose "SMTP authentication required" to no (Choice A) or yes (Choice B).
    
*If you made Choice A, you must also enter the public ip address of the server of your Dolibarr in "Allow some IP addresses only".
 
*If you made Choice A, you must also enter the public ip address of the server of your Dolibarr in "Allow some IP addresses only".
Line 130: Line 151:     
Note 2: With this mode (A or B), emails sent can also be saved into the "Sent" folder if option "Stock a copy of all emails sent..." is on.
 
Note 2: With this mode (A or B), emails sent can also be saved into the "Sent" folder if option "Stock a copy of all emails sent..." is on.
  −
If you are a Gsuite user with several users/mailboxes, this mode is required if you want to have each user having its sent mails automatically stored into its own "Sent" directory of Gmail.
      
Note 3: If you try the choice A and got the error
 
Note 3: If you try the choice A and got the error
Line 145: Line 164:  
550 5.7.1  https://support.google.com/a/answer/6140680#invalidcred m24-20020a056512359800b004b22b1d52e4sm82237lfr.66 - gsmtp
 
550 5.7.1  https://support.google.com/a/answer/6140680#invalidcred m24-20020a056512359800b004b22b1d52e4sm82237lfr.66 - gsmtp
 
</pre>
 
</pre>
Then you can try to disable the "Enable TLS" or try to add a use and application password (so using a choice A+B)
+
Then you can try to disable the "Enable TLS" OR try to add the use of an application password (so you will use a choice A+B)
 +
 
 +
Note 4: for google workspace accounts, if you enable an automatic signature in the console admin.google.com - Apps - Gmail - Append footer, the signature content will be added after any email sent from the SMTP gateway. Because Dolibarr may also add one if you added it into your templates or manually in your messages, you may have duplicate signatures.
    
===iCloud===
 
===iCloud===
Line 154: Line 175:     
*Server: smtp.mail.me.com
 
*Server: smtp.mail.me.com
 +
*Port: 587
 +
*Authentication method: Use a password (AUTH LOGIN)
 
*User name: Your iCloud Mail email address (Do include the domain name—what follows "@" in your iCloud Mail address; if your iCloud Mail email address is "me@icloud.com", for instance, do use "me@icloud.com" as the user name.)
 
*User name: Your iCloud Mail email address (Do include the domain name—what follows "@" in your iCloud Mail address; if your iCloud Mail email address is "me@icloud.com", for instance, do use "me@icloud.com" as the user name.)
 
*Password: iCloud Mail SMTP password: Your iCloud Mail password or an app-specific password (with two-step authentication enabled)
 
*Password: iCloud Mail SMTP password: Your iCloud Mail password or an app-specific password (with two-step authentication enabled)
*Port: 587
   
*Use TLS (SSL) encrypt: no
 
*Use TLS (SSL) encrypt: no
 
*Use TLS (STARTTLS) encrypt: yes
 
*Use TLS (STARTTLS) encrypt: yes
Line 165: Line 187:     
*Server: mail.gandi.net
 
*Server: mail.gandi.net
 +
*Port: 587
 +
*Authentication method: Use a password (AUTH LOGIN)
 
*User name: Your email address of your Gandi account
 
*User name: Your email address of your Gandi account
 
*Password: Your password of your Gandi account
 
*Password: Your password of your Gandi account
*Port: 587
   
*Use TLS (SSL) encrypt: no
 
*Use TLS (SSL) encrypt: no
 
*Use TLS (STARTTLS) encrypt: yes
 
*Use TLS (STARTTLS) encrypt: yes
Line 176: Line 199:     
*Server: smtp.orange.fr
 
*Server: smtp.orange.fr
 +
*Port: 25
 +
*Authentication method: Use a password (AUTH LOGIN)
 
*User name: Your email address of your Orange account (ex:  myname@wanadoo.fr)
 
*User name: Your email address of your Orange account (ex:  myname@wanadoo.fr)
 
*Password: Your password of your Orange account
 
*Password: Your password of your Orange account
*Port: 25
   
*Use TLS (SSL) encrypt: no
 
*Use TLS (SSL) encrypt: no
 
*Use TLS (STARTTLS) encrypt: no
 
*Use TLS (STARTTLS) encrypt: no
Line 184: Line 208:  
===Outlook / Office365 / Exchange server (with login/pass)===
 
===Outlook / Office365 / Exchange server (with login/pass)===
   −
This mode is not compatible with the two factor authentication. It is also called the SMTP AUTH method or Option 1 in this [https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#option-3-configure-a-connector-to-send-mail-using-microsoft-365-or-office-365-smtp-relay Microsoft Tutorial]. Warning, according to Microsoft doc, this method is limited: It supports only 1 possible sender. Any other accounts will appear as the same sender.
+
It is also called the SMTP AUTH method or Option 1 in this [https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#option-3-configure-a-connector-to-send-mail-using-microsoft-365-or-office-365-smtp-relay Microsoft Tutorial]. Warning, according to Microsoft doc, this method is limited: It supports only 1 possible sender. Any other email used to send email will appear as the same main sender.
    
Setup may be:
 
Setup may be:
    
*Server: smtp.office365.com (Microsoft Office 365, Exchange Server) and smtp-mail.outlook.com
 
*Server: smtp.office365.com (Microsoft Office 365, Exchange Server) and smtp-mail.outlook.com
*User name: Your email account
+
*Port: 587
 +
*Authentication method: Use a password (AUTH LOGIN)
 +
*User name: The main email account  
 
*Password: Your password account (If you enabled the Double Authentication Method, you must create an "Application password" from menu https://account.microsoft.com/security/ -> "More security options" and use it as the password instead of your common password)
 
*Password: Your password account (If you enabled the Double Authentication Method, you must create an "Application password" from menu https://account.microsoft.com/security/ -> "More security options" and use it as the password instead of your common password)
*Port: 587
   
*Use TLS (SSL) encrypt: no
 
*Use TLS (SSL) encrypt: no
 
*Use TLS (STARTTLS) encrypt: yes
 
*Use TLS (STARTTLS) encrypt: yes
 +
 +
*You must also go on the microsoft admin console and for each email, you must allow sending from an external platform. For this, on https://admin.microsoft.com go on  '''User file - Mail - Allow as...'''.  Add permissions and add also the main generic email account.
 +
*You must also allow the application "SMTP" to reach your account. For this, on https://admin.microsoft.com, go on '''User file - Mail - Manage mail application''' and check to allow 'SMTP authenticated'.
    
Note: Outlook and Office365 are the worst platforms we know to manage emails. It is not compliant with most web and emails standard so the setup is often difficult with this platform. Documentation about SMTP credential is also poor. It depends on a lot of parameters saved into your Outlook platform. Ask the parameters to use the SMTP server of your Outlook/Office365 platform to your Outlook/Office365 provider. Only your Outlook/Office365 provider is able to give you those parameters. If you can't contact him, I'm afraid, trying any combination of parameters is the only solution to find the good one with this email platform but the one suggested in this wiki should works in 90% of the cases (note that some other parameters specific to Office365 may also be expected by the platform, ask your Microsoft integrator).
 
Note: Outlook and Office365 are the worst platforms we know to manage emails. It is not compliant with most web and emails standard so the setup is often difficult with this platform. Documentation about SMTP credential is also poor. It depends on a lot of parameters saved into your Outlook platform. Ask the parameters to use the SMTP server of your Outlook/Office365 platform to your Outlook/Office365 provider. Only your Outlook/Office365 provider is able to give you those parameters. If you can't contact him, I'm afraid, trying any combination of parameters is the only solution to find the good one with this email platform but the one suggested in this wiki should works in 90% of the cases (note that some other parameters specific to Office365 may also be expected by the platform, ask your Microsoft integrator).
   −
Note: Some users has reported that you may solve trouble in the user/password validation by adding a rule in Office365 to accept SMTP e-mail without authentication keeping a restriction on the IP address of the server hosting your Dolibarr application.
+
This is a more complete thread about this setup reported by a French user: https://www.dolibarr.fr/forum/t/configuration-office-365-mail-smtp/37320/12
 +
 
 +
[[File:warning.png]] If you got error:
 +
 
 +
Response: 501 5.5.4 Invalid domain name [...]
 +
 
 +
Error after sending EHLO xxxxxx:4435 : 501
 +
 
 +
the problem is not into your authentication because error is before that, at very begin of protocol. Try to go on Home - Setup - Other and add MAIL_SMTP_USE_FROM_FOR_HELO to value 1 so Dolibarr will use the domain in the from email as the HELO string. With 0, Dolibarr will use "smtp.office365.com" that may be refused.
 +
 
 +
===Outlook / Office365 / Exchange server (with OAuth2)===
 +
 
 +
Enable the module OAuth2.
 +
Into OAUTH2 module setup, create an OAuth2 entry for Microsoft provider with the 3 scopes:
 +
* offline_access
 +
* outlook.office365.com/IMAP.AccessAsUser.All
 +
* outlook.office365.com/SMTP.Send
 +
Go on the Tab Token Management to generate a token for this OAUth2 service.
 +
A full example on setup process is available in french here: https://weedoo.digital/knowledgebase/2/Configurer-Dolibarr-avec-Microsoft365-et-OAuth2.html
 +
 
 +
Now, into the Home - Setup - Email must be
 +
*Email sending method: SMTPs
 +
*Server: smtp.office365.com (Microsoft Office 365, Exchange Server) and smtp-mail.outlook.com
 +
*Port: 587
 +
*User name: The main email account
 +
*Authentication method: OAUTH2
 +
*OAUTH2 authentication service: Choose the entry created in OAUth2 setup
 +
*Use TLS (SSL) encrypt: no
 +
*Use TLS (STARTTLS) encrypt: yes
    
===Outlook / Office365 / Exchange server (with mode relay)===
 
===Outlook / Office365 / Exchange server (with mode relay)===
   −
This method needs a complex Microsoft Office365 setup (creation of a "Microsoft SMTP Connector"). Also, with this method, Office365 is not able to keep the email sent into the directory "Sent" of the user that send the email. This is a serious limitation for companies with several mailboxes. We recommend using another email provider if you need this (for example gmail that has not this limit).
+
This method needs a complex Microsoft Office365 setup (it needs the creation of a "'''Microsoft SMTP Connector'''" that is a complex step). Also, with this method, Office365 is not able to keep the email sent into the directory "Sent" of the user that send the email. This is a serious limitation for companies with several mailboxes. We recommend using another email provider if you need this (for example gmail that has not this limit).
This mode is compatible with the two factor authentication. More information available on Option 3 variante 2 of this [https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#option-3-configure-a-connector-to-send-mail-using-microsoft-365-or-office-365-smtp-relay Microsoft Tutorial]
+
This mode is compatible with the two factor authentication. More information is available on Option 3 variante 2 in this [https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#option-3-configure-a-connector-to-send-mail-using-microsoft-365-or-office-365-smtp-relay Microsoft Tutorial]
   −
Setup may be (see however note after):
+
Setup may be (see however the note just after):
    
*Server: yourdomainname.mail.protection.outlook.com
 
*Server: yourdomainname.mail.protection.outlook.com
 +
*Port: 25
 +
*Authentication method: Use a password (AUTH LOGIN) or No authentication.
 
*User name: Keep empty
 
*User name: Keep empty
 
*Password: Keep empty
 
*Password: Keep empty
*Port: 25
   
*Use TLS (SSL) encrypt: no
 
*Use TLS (SSL) encrypt: no
*Use TLS (STARTTLS) encrypt: no or yes
+
*Use TLS (STARTTLS) encrypt: no or yes (only one will work but it depends on the microsot setup)
    
Note: You must add a rule in office365 to accept SMTP e-mail without authentication but with a restriction on the IP address of the server hosting your Dolibarr application.
 
Note: You must add a rule in office365 to accept SMTP e-mail without authentication but with a restriction on the IP address of the server hosting your Dolibarr application.
Line 219: Line 276:     
*Server: exX.mail.ovh.net    (ask OVH to know value of X)
 
*Server: exX.mail.ovh.net    (ask OVH to know value of X)
 +
*Port: 587
 +
*Authentication method: Use a password (AUTH LOGIN)
 
*User name: Your email
 
*User name: Your email
 
*Password: Your email password (not your OVH account password)
 
*Password: Your email password (not your OVH account password)
*Port: 587
   
*Use TLS (SSL) encrypt: no
 
*Use TLS (SSL) encrypt: no
 
*Use TLS (STARTTLS) encrypt: yes
 
*Use TLS (STARTTLS) encrypt: yes
   −
Some uses also succeed with:
+
Some users also succeed with:
    
*Server: sslX.ovh.net    (ask OVH to know value of X)
 
*Server: sslX.ovh.net    (ask OVH to know value of X)
 +
*Port: 465
 +
*Authentication method: Use a password (AUTH LOGIN)
 
*User name: Your email
 
*User name: Your email
 
*Password: Your email password (not your OVH account password)
 
*Password: Your email password (not your OVH account password)
*Port: 465
   
*Use TLS (SSL) encrypt: yes
 
*Use TLS (SSL) encrypt: yes
 
*Use TLS (STARTTLS) encrypt: no
 
*Use TLS (STARTTLS) encrypt: no
 +
 +
===Proton Mail===
 +
 +
According to this documentation: https://proton.me/support/smtp-submission, setup would be:
 +
 +
*Server: smtp.protonmail.ch
 +
*Authentication method: AUTH PLAIN  (on Dolibarr < 20, you must also go into the page Home - Setup - Other setup" and add the entry with name = "MAIN_MAIL_SMTPS_AUTH_TYPE" and value = "PLAIN" to use this mode)
 +
*User name: The email address that appears into the field SMTP username when you create a SMTP token (See this page to see how to create a token: https://proton.me/support/smtp-submission)
 +
*Password: The value of the SMTP token
 +
*Port: 587
 +
*Use TLS (SSL) encrypt: no
 +
*Use TLS (STARTTLS) encrypt: yes
 +
 +
Note: All emails sent will appears automatically into your "Sent" folder.
    
===SendGrid===
 
===SendGrid===
Line 239: Line 312:     
*Server: smtp.sendgrid.net
 
*Server: smtp.sendgrid.net
 +
*Port: 2525
 +
*Authentication method: Use a password (AUTH LOGIN)
 
*User name: Your SendGrid api key
 
*User name: Your SendGrid api key
 
*Password: Your SendGrid api pass
 
*Password: Your SendGrid api pass
*Port: 2525
   
*Use TLS (SSL) encrypt: no
 
*Use TLS (SSL) encrypt: no
 
*Use TLS (STARTTLS) encrypt: yes
 
*Use TLS (STARTTLS) encrypt: yes
 +
 +
Warning: sendgrid is used mostly for mass emailings. So if you don't subscribe to a paying private IP, your mails may be flagged as spam by recipients event if your email is not.
    
===Yahoo (with login/pass)===
 
===Yahoo (with login/pass)===
Line 249: Line 325:  
*SMTP server: smtp.mail.yahoo.com
 
*SMTP server: smtp.mail.yahoo.com
 
*Port: 465
 
*Port: 465
 +
*Authentication method: Use a password (AUTH LOGIN)
 
*SMTP Username: Your Yahoo login (xxx@yahoo.com)
 
*SMTP Username: Your Yahoo login (xxx@yahoo.com)
 
*SMTP Password: The alternative application password, see later
 
*SMTP Password: The alternative application password, see later
Line 261: Line 338:  
In the new window that opens copy the password and paste it on the Dolibarr Email setup
 
In the new window that opens copy the password and paste it on the Dolibarr Email setup
   −
===Several smtp logins or servers===
+
===Several SMTP logins or servers per user===
At this time there is nos solution for that.
+
As this method is, nowadays, not recommended, this feature is not provided.
   −
Note that in most cases, even if each user has its own email address and its own mailbox and "Sent" directory, using several SMTP login/servers is not required (see for example the comment for Gmail setup using the "relay" mode).
+
Note: Even if each user has its own email address, its own mailbox and its own "Sent" directory, using several SMTP login/servers is not required (see for example the comment for Gmail setup using the "relay" mode). You must use instead an enterprise SMTP service that offers several mailboxes but with one authentication mode (this is available with all emails providers nowadays)
    
=Actions=
 
=Actions=