Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Pantsu
Contributor
Jump to solution

mail alert from checkpoint

I want receive email notifications from checkpoint about critical alerts (anty virus, ips, anti-bot) , i find it in smartevent , but when i create new ' Automatic reaction' there are only "Outgoing mail server (SMTP)" Parameter, i think it is not enough  , where i can enter my email credentials (Username and password ) and POP Parameters, i think those  are necessary .

1 Solution

Accepted Solutions
vladt
Explorer

Checkpoint imported the msmtp (sendmail command is actually a link) tool from RHEL 5.2 while removing the SSL/TLS support. 

However, it is still possible to send emails with authentication, for example Gmail. 

Command used:

curl_cli --ssl-reqd \
--url 'smtps://smtp.gmail.com:465' \
--user 'tester@example.com:APP PASSWORD' \
--mail-from 'tester@example.com' \
--mail-rcpt 'recepient@gmail.com' \
--upload-file mail.txt \
--cacert /opt/CPsuite-R81.10/fw1/database/ca_bundle.pem

 

File contents:

[Expert@fw:0]# cat mail.txt
From: "tester" <tester@example.com>
To: "recepient" <recepient@gmail.com>
Subject: This is a test

Hi from tester
Bye!

 

 

View solution in original post

0 Kudos
9 Replies
PhoneBoy
Admin
Admin
Neither of those options are supported.
They also should not be required (or are generally not) for internal SMTP servers.
0 Kudos
Pantsu
Contributor

Thanks for you reply, but i did't understand ,

1) Is it possible  to receive email from my Server  ? 
2) How it send me email with only those few parameter (without credentials).

PhoneBoy
Admin
Admin
You need an SMTP mail server that will accept email sent from your SmartEvent without authentication.
Usually both the SmartEvent server and an SMTP server are inside your protected network.
Pantsu
Contributor
We have SMTP mail server, but it is in cloud (smtp.office365.com)
1) how i can use this server to accept email sent from my SmartEvent?
2) which would be source , who would send me this email from SmartEvent , if i did not put somewhere mail credentials in SmartEvent .
0 Kudos
PhoneBoy
Admin
Admin
The built-in mail feature in SmartEvent Automatic Reaction does not currently support using SMTP Authentication, which would be required to support Office 365.
You should be able to write a script that calls /sbin/sendmail on the management server that supplies the required credentials to send the email.
0 Kudos
jperry
Participant

I'm looking to do this same thing.. Would you have any examples of what the script might look like?

vitsprediction
Explorer

Hi jperry,

Have you found the script or solution?

0 Kudos
Steven_Sultana
Contributor

Indeed there must be a way, since for SmartView it is possible to send authenticated and TLS emails.

However I'm messing a bit with /sbin/sendmail (msmtp) and when enabling TLS I'm getting an error that "sendmail: support for TLS is not compiled in" (R81, take 44).

 

Does that mean Smartview is actually using /opt/CPsuite-R81/fw1/bin/sendmail ?

Does the -m option take the same file as msmtp?

sendmail [-t server] [ [-m filename] | [-s subject] [-f from] email-address]

 

I have something like this:

[Expert@Lab-MGMT01:0]# cat sendmail.cfg
# Set default values for all accounts.
account default
auth           on
tls            on
tls_trust_file /var/opt/CPshrd-R81/conf/ca-bundle.crt
logfile        /var/log/msmtp

# Office365
host           smtp.office365.com
port           587
from           sender@example.com
user           sender@example.com
password       PlaintextPassword

# Syslog logging with facility LOG_MAIL instead of the default LOG_USER
syslog LOG_MAIL

 

Called as:

[Expert@Lab-MGMT01:0]# /opt/CPsuite-R81/fw1/bin/sendmail -m sendmail.cfg recipient@example.com
0
[Expert@Lab-MGMT01:0]#
[Expert@Lab-MGMT01:0]# sendmail -C sendmail.cfg recipient@example.com
sendmail: support for TLS is not compiled in
[Expert@Lab-MGMT01:0]#

 

Any thoughts?

Steven.

0 Kudos
vladt
Explorer

Checkpoint imported the msmtp (sendmail command is actually a link) tool from RHEL 5.2 while removing the SSL/TLS support. 

However, it is still possible to send emails with authentication, for example Gmail. 

Command used:

curl_cli --ssl-reqd \
--url 'smtps://smtp.gmail.com:465' \
--user 'tester@example.com:APP PASSWORD' \
--mail-from 'tester@example.com' \
--mail-rcpt 'recepient@gmail.com' \
--upload-file mail.txt \
--cacert /opt/CPsuite-R81.10/fw1/database/ca_bundle.pem

 

File contents:

[Expert@fw:0]# cat mail.txt
From: "tester" <tester@example.com>
To: "recepient" <recepient@gmail.com>
Subject: This is a test

Hi from tester
Bye!

 

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events