Before you begin to configure Email Theater, gather the following information. You will need these values when setting up email profiles in the Director.
NOTE: The email settings also must be configured and could use the same outgoing email server or Microsoft Office 365 Graph API. For more information, see Configuring Email Settings for Office 365 with Graph API.
| Description | Value |
|---|---|
| Email Theater license | Location of license file: |
| Director host information | Hostname: IP address: |
| Email account to be used for sending email and notifications from Director | Email address: |
| Outgoing email server (not applicable to Microsoft Office 365 Graph API) | Server address: Server port: Use Encryption?: If yes, tls or ssl? Use Authentication?: yes or no Authentication Type: (Plain or NTLM) |
| Incoming email server (not applicable to Microsoft Office 365 Graph API) | Server address Server port: Authentication type: Plain or NTLM |
Account (must be the same on both the incoming and outgoing email servers; not applicable to Microsoft Office 365 Graph API) | Username: Password: NOTE: If you are using two-factor authentication, you may need an application-specific password from your email provider, instead of the regular password for the email address.See Email Settings for Common Email Providers for more information. |
| Email addresses to be used for Email Actions | Email address: Email address: Email address: |
The following parameters are required for the Microsoft Office 365 Graph API security protocol:
Tenant ID - Unique ID assigned to the Azure AD tenant the email account/profile belongs to
Client ID - Unique ID assigned to the application that must be created in Azure. Represents the Email Theater application in the Azure tenant
Client Secret (as created for the application) - Expiring value that is created in the Azure UI
For more information, see Email Settings for Common Email Providers.
If you want to test the effectiveness of DNS-based email security controls, you may have to configure DKIM, SPF, and DMARC records for the email source domain. Some scenarios include:
| Email Setup to Test | Required Configuration |
|---|---|
| SPF blocking | Requires an email domain without SPF records |
| DKIM blocking | Requires an email domain without DKIM |
| DMARC blocking | Requires an email domain with SPF, DKIM, and DMARC |
| Combination of the 3 above | Requires SPF, DKIM, and DMARC to be configured |
| Malware is stopped | If there's a combination of SPF/DKIM blocking enabled, may require SPF and DKIM to be configured for email to flow correctly |
There are many different ways to complete the above configurations, so refer to either your email provider or your email software's documentation.