CA API Management Gateway 'Send email alert' assertion fails when using Office365 as the SMTP server

Document ID : KB000007316
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

When attempting to use the 'Send email alert' assertion with Office365 you may encounter the below error

mail_from.png

530 5.7.57 SMTP; Client was not authenticated to send anonymous mail during MAIL FROM

Cause:

When the Gateway completes a SSL handshake with the SMTP server the Gateway almost immediately generates an additional ClientHello (starts a renegotiation handshake) and SMTP server returns a TCP RST.

 

Resolution:

To prevent this add the com.l7tech.server.policy.emailalert.useDefaultSsl system property to bypasses the additional renegotiation.

 

1. Connect to the Gateway and edit: /opt/SecureSpan/Gateway/node/default/etc/conf/system.properties

2. Add this property com.l7tech.server.policy.emailalert.useDefaultSsl=TRUE

3. Save the file and restart the gateway.

4. It is assumed that office365 root certificate is added to the gateway( Policy manager-> Manage Certificates)

5. In Email alert properties select protocol as “SMTP with STARTTLS” port 25/587.

6. Select Server Required Authentication checkbox.

7. Domain name must be provided for all user names and emails ids(Ex: xyz@ca.com).

8. Adding proper email ids it should send email normally.