Skip to main content

MCE Email Configuration

Overview

MCE groups support the following email features:

These features allow emails to be sent to a user's configured email address,

Note that email features require MCE to be setup and enabled. For more information see:

Setting up email features in the Management Center

MCE email features are configured in the Management Center under Feature > MCE > Email.

Connecting to an SMTP server

Email server settings

All MCE email features require the connection to an SMTP server to be configured.

Connection

Configure the connection from the MCE email service to an SMTP server.

  • SMTP server address: Specifies the server address / host name of the SMTP server.
  • SMTP server port: Specifies the port of the SMTP server.
    • The default port for modern SMTP servers is 587.
    • If the port has a value of 0, the secure socket options determine the default port.
      • SslOnConnect: The default port is 465.
      • All other options: The default port is 25.

Security

The MCE email service supports connecting to an SMTP server using SSL or TLS encryption communication protocols, and supports trusting insecure self-signed certificates.

  • SMTP server secure socket options: Specifies the preferred secure socket communication method.
    • None: No SSL or TLS encryption is used.
    • Auto: Allow the SMTP server to decide which SSL or TLS options to use.
      • The configured SMTP server port is used to determine the default security options.
        • Port 465: Uses SslOnConnect.
        • All other ports: Use StartTlsWhenAvailable.
      • If the server does not support SSL or TLS, then the connection will continue without any encryption.
    • SSL on connect: The connection uses SSL or TLS encryption immediately.
    • Start TLS: Elevates the connection to use TLS encryption immediately after reading the greeting and capabilities of the server. The server connection will fail if the server does not support the STARTTLS extention.
    • Start TLS when available: Elevates the connection to use TLS encryption immediately after reading the greeting and capabilities of the server, but only if the server supports the STARTTLS extension.
  • Trust insecure certificates: Allows insecure self-signed certificates to be trusted.

Password authentication

The MCE email service supports connecting to an SMTP server using password authentication.

  • Enable password authentication: Enables password authentication when connecting to the SMTP server.
  • Authentication username: Specifies the username required for password authentication.
  • Authentication password: Specifies the password required for password authentication.
    • Note that the password is not currently encrypted when persisted in the configuration file.

Synchronizing user email address attributes

User email address attributes are required to have been synchronized in order to send emails to users. This is currently configured by adding the following advanced keys to the Advanced section of the Management Center, alongside having setup attribute synchronization found in the Configuring MCE setup.

KeyValueDescription
mce.attributesynchronization.user.emailaddress.namemailSpecifies the attribute name used to synchronize the user email address.
mce.attributesynchronization.user.emailaddress.issuerADSpecifies the attribute issuer used to synchronize the user email address, defaults to the specified default attribute issuer if omitted.
mce.attributesynchronization.user.activedirectory.propertiess, st, displayName, distinguishedName, msRTCSIP-PrimaryUserAddress, mailSpecifies the active directory properties to synchronize for users (ensure the distinguished name and primary user address are synchronized). Only string type AD properties are supported. Include the "mail" attribute if you are synchronizing email addresses from AD

Email notifications

MCE groups support notifying users they have been invited to join a group, and that they have been mentioned.

The notification features can be enabled in the General section of the Email Management Center configuration page.

Email notifications

Group invitation notifications

When enabled, users will receive an invitation notification when they gain membership to an MCE group. The email contains the following information about the group:

  • Display name
  • Description
  • Encrypted state
  • Maximum supported classification
  • Security Context(s)
  • A link to the group

Further customisation of the email is available in the Email metadata and Email body formatting sections.

  • Email subject: Specifies the subject of the invitation notification email.
    • The subject supports using the {GroupName} template to inject the name of the group, to which the user is invited, into the subject.
    • If left blank, the subject is defaulted to Invited to join '{GroupName}'.
  • Valid invitation window (days): Specifies the length of time (in days) that an invitation notification is considered valid.
    • The MCE email service will retry sending an invitation notification email if there is a failure to connect to the SMTP server or failure to send the email. In order to prevent the email being retried forever, the valid invitation window defines the maximum number of days this will be retried.
    • When enabling the feature for the first time, the valid invitation window is used to determine if a historic invitation email should be sent.
      • For example, the valid invitation window is set to seven days and the feature is enabled for the first time. Users that have gained membership to a group in the last seven days will receive the invitation email.
    • The default valid invitation window is seven days.
  • Repeat invitation cooldown window (days): Specifies the length of time (in days) that invitations will not be resent to a user if they lose and regain membership to an MCE group.
    • For example, the cooldown period is set to 30 days and a user gains membership to a group for the first time, they receive an invitation notification email. If they lose and regain membership to that same group seven days later, they will not receive a second invitation notification email. If they lose and regain membership 31 days after the initial invitation notification email then they will receive a second invitation email.
    • The default repeat invitation cooldown window is 30 days.

Email Mentions

When enabled, this feature sends a mention notification email to a user that is mentioned in an MCE group that they have the right to join. Users that are mentioned in an MCE group but do not have rights will not receive a mention notification email. The email contains the following information about the group:

  • Display name
  • Description
  • Maximum supported classification
  • Security Context(s)
  • A link to the group

Further customisation of the email is available in the Email metadata and Email body formatting sections.

  • Email subject: Specifies the subject of the mention notification email.
    • The subject supports using the {GroupName} template to inject the name of the group, in which the user is mentioned, into the subject.
    • If left blank, the subject is defaulted to Mentioned in '{GroupName}'.
  • Valid mention window (days): Specifies the length of time (in days) that an mention notification is considered valid.
    • The MCE email service will retry sending a mention notification email if there is a failure to connect to the SMTP server or failure to send the email. In order to prevent the email being retried forever, the valid mention window defines the maximum number of days this will be retried.
    • When enabling the feature for the first time, the valid mention window is used to determine if a historic invitation email should be sent.
      • For example, the valid invitation window is set to seven days and the feature is enabled for the first time. Users that have gained membership to a group in the last seven days will receive the invitation email.
    • The default valid mention window is two days.

Email metadata

  • Sender email address The sender email address specifies the email address used to send notifications to users.
  • Sender display name (optional) Sets an email address alias for the sender address.
  • Email protocol headers
    • Specifies a collection of protocol-level email headers.
    • Supports adding security contexts of the exported group with the template string {SecurityContext}.
    • Supports adding the maximum classification token with the template string {Classification}.

Email body formatting

  • Prefix (HTML)
    • Specifies a template for the header of the email as HTML.
  • Suffix (HTML)
    • Specifies a template for the footer of the email as HTML.
  • The suffix and prefix support the following templates:
    • The security contexts of the exported group by including the template string {SecurityContext}.
    • The maximum classification token by including the template string {Classification}.
  • Group link base path (has a default of client path) The group link should be in the following format:
    http://domain:{port number}

Secure content copying and export

Information on this subject has been moved to MCE Content Copying and Export.