To configure the mail server you'll need to:
Grab a copy of the /opt/dradispro/dradispro/current/config/smtp.yml.template file and copy it to smtp.yml (remove ".template").
To do this, you can run the following command as dradispro:
cp /opt/dradispro/dradispro/current/config/smtp.yml.template /opt/dradispro/dradispro/shared/config/smtp.yml
Edit the contents of the new file. The file itself will walk you through how to configure the mail server.
Add a symlink to the file in the config directory by running the following in the command line as dradispro:
ln -s /opt/dradispro/dradispro/shared/config/smtp.yml /opt/dradispro/dradispro/current/config/
Now, your Dradis instance should be ready to send out password reset emails or email digests. Because smtp.yml lives in the shared config directory and is only symlinked into the current release, this change will survive future upgrades!
A sample configuration for using your personal Gmail account as the SMTP server:
default: &default
  default_url_options:
    host: dradisframework.dev
    script_name: ''
  default_options:
    from: firstname.lastname@example.org
    reply_to: email@example.com
  smtp_settings:
    address: smtp.gmail.com
    port: 587
    domain: dradisframework.com
    user_name: firstname.lastname@example.org
    password: insecure!!
    authentication: plain
    enable_starttls_auto: true
    openssl_verify_mode: none
A sample configuration for using an account in your G Suite with a custom domain as the SMTP server:
default: &default
  default_url_options:
    host: dradisframework.dev
    script_name: ''
  default_options:
    from: email@example.com
    reply_to: firstname.lastname@example.org
  smtp_settings:
    address: smtp.gmail.com
    port: 587
    domain: example.com
    user_name: email@example.com
    password: gsuite gmail account password
    authentication: plain
    enable_starttls_auto: true
    openssl_verify_mode: none
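Both samples above set openssl_verify_mode: none, which turns off verification of the mail server's certificate for the STARTTLS session that carries the account password. The Ruby check below is an added example, not part of Dradis: it flags that setting (and an explicitly disabled STARTTLS) in an smtp.yml, and tests whether the file holding the password is accessible beyond its owner. The helper names and the sample YAML are constructed for illustration.

```ruby
require 'yaml'

# Constructed sample input (not from a real install); the production section
# that merges the defaults is an assumption about how the file is laid out.
SAMPLE_WEAK = <<~YAML
  default: &default
    smtp_settings:
      address: smtp.gmail.com
      port: 587
      authentication: plain
      enable_starttls_auto: true
      openssl_verify_mode: none
  production:
    <<: *default
YAML
SAMPLE_HARDENED = SAMPLE_WEAK.sub('openssl_verify_mode: none', 'openssl_verify_mode: peer')

# Hypothetical helper: returns [section, message] pairs for risky smtp_settings.
def audit_smtp_yaml(yaml_text)
  config = YAML.safe_load(yaml_text, aliases: true) || {}
  findings = []
  config.each do |section, values|
    smtp = values.is_a?(Hash) ? values['smtp_settings'] : nil
    next unless smtp.is_a?(Hash)

    # 'none' (or 0, OpenSSL::SSL::VERIFY_NONE) skips server certificate checks,
    # so the STARTTLS session carrying the password is not authenticated.
    if %w[none 0].include?(smtp['openssl_verify_mode'].to_s.downcase)
      findings << [section, 'openssl_verify_mode disables certificate verification']
    end
    # STARTTLS explicitly off: unless implicit TLS is configured elsewhere,
    # AUTH PLAIN would cross the network unencrypted.
    if smtp['enable_starttls_auto'] == false
      findings << [section, 'enable_starttls_auto is false']
    end
  end
  findings
end

# Hypothetical helper: true when group or other have any access to the file
# that stores the SMTP password.
def readable_beyond_owner?(path)
  (File.stat(path).mode & 0o077) != 0
end

if __FILE__ == $PROGRAM_NAME
  audit_smtp_yaml(SAMPLE_WEAK).each { |section, msg| puts "#{section}: #{msg}" }
end
```

To check a real install, pass the contents of /opt/dradispro/dradispro/shared/config/smtp.yml to audit_smtp_yaml and the same path to readable_beyond_owner?.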
As of July 15, 2014, Google increased its security measures and now blocks attempts from apps it deems less secure.
You can change your Gmail settings here to allow the attempts.
If your Gmail account has 2-factor authentication enabled, then you will need to set an app password and use that instead of your regular password.
Also note that when trying to use a G Suite account with a custom domain, with 2FA enabled and an app password, we still needed to choose the option "Allow users to manage their access to less secure apps" in the G Suite admin panel, under Security > Basic Settings > Less secure apps. Even with Less secure apps turned off for the account sending the mails, without that option selected emails may not be sent, and you may keep seeing this error:
Net::SMTPAuthenticationError (535-5.7.8 Username and Password not accepted.)