SMTP Settings

SMTP Email Setup for OpenAlgo

Gmail Configuration Options

Choose the configuration that matches your Gmail setup:

Personal Gmail (Recommended)

After migration, go to Profile → SMTP Configuration and use:

SMTP Server: smtp.gmail.com
SMTP Port: 587
Username: [email protected]
Password: [App Password - see below]
Use TLS/SSL: ✓ (checked)
From Email: [email protected]
HELO Hostname: smtp.gmail.com

Google Workspace (Business Gmail)

For business domains (e.g., [email protected]):

Option 1: SMTP Relay (Recommended for Businesses)

Requirements:

Google Workspace Admin access
Server IP registration in Google Admin Console

Configuration:

SMTP Server: smtp-relay.gmail.com
SMTP Port: 465
Username: [email protected]
Password: [App Password - see below]
Use TLS/SSL: ✓ (checked)
From Email: [email protected]
HELO Hostname: smtp.gmail.com

Setup Steps:

Admin Console Setup:
- Go to Google Admin Console
- Navigate to Apps → Google Workspace → Gmail → SMTP relay service
- Click Add another to create new relay
- Configure these settings:
  Allowed senders: Only addresses in my domains Authentication: Require SMTP Authentication Encryption: Require TLS encryption
- Add your server IP address to allowed IP ranges
- Save the configuration

Find Your Server IP:

# From your OpenAlgo server, run:
curl -4 ifconfig.me
# Or visit: https://whatismyipaddress.com/

Register IP in Admin Console:
- In SMTP relay settings, add your server IP to IP addresses
- Format: YOUR.SERVER.IP.ADDRESS/32 (e.g., 203.0.113.15/32)

Option 2: Personal Gmail Settings (Alternative)

If SMTP relay setup is complex, use personal Gmail settings:

SMTP Server: smtp.gmail.com
SMTP Port: 587
Username: [email protected]
Password: [App Password]
Use TLS/SSL: ✓ (checked)
From Email: [email protected]
HELO Hostname: smtp.gmail.com

App Password Setup (Required for Both)

For Personal Gmail:

Go to Google Account Settings
Enable 2-Factor Authentication (if not enabled)
Select App passwords
Choose Mail from dropdown
Generate password and copy the 16-character code
Use this password in OpenAlgo (NOT your regular password)

For Google Workspace:

Go to Google Account Settings
Admin may need to enable App Passwords:
- Admin Console → Security → API controls → App passwords
- Enable "Allow users to manage their app passwords"
Follow same steps as personal Gmail above
If App Passwords unavailable, ask your IT administrator

Advanced Google Workspace Configuration

Admin Console SMTP Relay Settings

For enterprise deployments, configure these advanced settings:

Security Settings:

Require TLS encryption: Yes
Require SMTP Authentication: Yes
Only accept mail from specified IP addresses: Yes

Rate Limiting:

Per-user rate limit: 10,000 messages/day
Per-domain rate limit: 1,000,000 messages/day

Routing Settings:

Also deliver to Gmail mailbox: Optional
Store and forward: Recommended for reliability

Multiple Domain Support

If you have multiple domains in Workspace:

Primary Domain Configuration:

SMTP Server: smtp-relay.gmail.com
From Email: [email protected]

Additional Domains:
- Add all domains to Admin Console → Domains
- Enable SMTP relay for each domain
- Use same SMTP settings with appropriate From Email

Troubleshooting Google Workspace

Common Error: "Mail relay denied"

Solution 1 - IP Registration:

# Check your current IP
curl -4 ifconfig.me

# Add this IP to Google Admin Console:
# Apps → Gmail → SMTP relay service → IP addresses

Solution 2 - Authentication:

Verify App Password is correctly generated
Ensure 2FA is enabled on the account
Check username format (full email address)

Solution 3 - Fallback to Personal Settings:

SMTP Server: smtp.gmail.com (instead of smtp-relay.gmail.com)
SMTP Port: 587 (instead of 465)

Error: "Authentication failed"

Check App Password:
- Must be 16 characters without spaces
- Generated specifically for "Mail"
- Account must have 2FA enabled

Admin Policy Check:

Admin Console → Security → Less secure app access
Should be: "Allow users to manage their access to less secure apps"

Account Verification:
- Ensure account is not suspended
- Check for recent password changes

Testing Your Configuration

Step-by-Step Testing

Save SMTP Settings in Profile → SMTP Configuration
Click "Debug" to test connection and view detailed diagnostics
Click "Send Test" to send test email to yourself
Check your inbox (and spam folder)
Try Password Reset to test end-to-end functionality

Expected Test Results

Debug Output (Success):

✓ SMTP connection successful
✓ Authentication passed
✓ TLS encryption enabled
✓ Server ready to accept messages

Debug Output (Common Issues):

✗ Mail relay denied → Check IP registration in Admin Console
✗ Authentication failed → Verify App Password
✗ Connection timeout → Check firewall/network settings

Testing Different Scenarios

Test from Different IPs: If using multiple servers
Test Different From Addresses: Verify domain permissions
Test High Volume: Check rate limiting behavior
Test Failed Authentication: Verify error handling

Production Deployment Best Practices

Security Recommendations

Use Dedicated Service Account:

Create: [email protected]
Purpose: SMTP authentication only
Permissions: Minimal (just send email)

IP Whitelist Management:
- Use static IP addresses for production servers
- Document all registered IPs
- Regular audit of IP permissions
Monitor Email Logs:
- Track successful/failed send attempts
- Monitor for suspicious activity
- Set up alerts for authentication failures

Performance Optimization

Connection Pooling: Use persistent SMTP connections when possible
Rate Limiting: Respect Google's sending limits
Retry Logic: Implement exponential backoff for failures
Queue Management: Handle high-volume email sending

Common Issues & Solutions

Personal Gmail Issues

Authentication Failed: Use App Password, not regular password
Connection Failed: Try port 587 instead of 465
2FA Required: Enable 2-Factor Authentication first

Google Workspace Issues

Mail relay denied:
- Register server IP in Admin Console
- Verify SMTP relay service is enabled
- Check authentication credentials
Admin restrictions:
- App passwords may be disabled by admin
- Less secure app access may be blocked
- Contact IT administrator for policy changes
Domain verification:
- Ensure domain is verified in Workspace
- Check MX records are properly configured
- Verify user account is active

Network & Firewall Issues

Port blocking: Ensure ports 587/465 are open outbound
Proxy servers: Configure SMTP through corporate proxy if needed
DNS resolution: Verify smtp.gmail.com resolves correctly

Alternative Email Providers

Microsoft 365 / Outlook

Business (Exchange Online):

SMTP Server: smtp.office365.com
SMTP Port: 587
Username: [email protected]
Password: [Account Password or App Password]
Use TLS/SSL: ✓ (checked)
From Email: [email protected]
HELO Hostname: smtp.office365.com

Personal Outlook/Hotmail:

SMTP Server: smtp-mail.outlook.com
SMTP Port: 587
Username: [email protected]
Password: [Account Password]
Use TLS/SSL: ✓ (checked)
From Email: [email protected]
HELO Hostname: smtp-mail.outlook.com

Yahoo Mail

SMTP Server: smtp.mail.yahoo.com
SMTP Port: 587
Username: [email protected]
Password: [App Password from Yahoo Account Security]
Use TLS/SSL: ✓ (checked)
From Email: [email protected]
HELO Hostname: smtp.mail.yahoo.com

Custom SMTP Providers

SendGrid:

SMTP Server: smtp.sendgrid.net
SMTP Port: 587
Username: apikey
Password: [SendGrid API Key]

Mailgun:

SMTP Server: smtp.mailgun.org
SMTP Port: 587
Username: [Mailgun SMTP Username]
Password: [Mailgun SMTP Password]

Enterprise Integration

Load Balancing

For high-availability setups:

Configure multiple SMTP servers
Implement failover logic
Monitor server health
Balance email load across servers

Compliance & Logging

Audit Requirements:
- Log all email send attempts
- Track recipient information (hashed)
- Monitor for compliance violations
Data Retention:
- Configure log retention periods
- Implement secure log storage
- Regular compliance audits

Monitoring & Alerting

Set up monitoring for:

SMTP connection failures
Authentication errors
Rate limit violations
Unusual sending patterns

Support & Resources

Google Support Links

Google Workspace SMTP Relay - General SMTP relay documentation
App Passwords Setup - How to generate App Passwords
Admin Console Guide - SMTP relay service configuration

OpenAlgo Resources

Built-in Debug: Use SMTP Debug function in profile
Log Files: Check OpenAlgo logs for detailed error messages
GitHub Issues: Report SMTP-specific problems
Documentation: /docs/PASSWORD_RESET.md for complete system overview

That's it! Your OpenAlgo can now send emails for password resets and notifications using your preferred email provider. Choose the configuration that best fits your organization's setup and security requirements.

PreviousTesting OpenAlgo in Cloud NextTOTP Configuration

Last updated 6 months ago

hashtagSMTP Email Setup for OpenAlgo

hashtagGmail Configuration Options

hashtagPersonal Gmail (Recommended)

hashtagGoogle Workspace (Business Gmail)

hashtagApp Password Setup (Required for Both)

hashtagFor Personal Gmail:

hashtagFor Google Workspace:

hashtagAdvanced Google Workspace Configuration

hashtagAdmin Console SMTP Relay Settings

hashtagMultiple Domain Support

hashtagTroubleshooting Google Workspace

hashtagTesting Your Configuration

hashtagStep-by-Step Testing

hashtagExpected Test Results

hashtagTesting Different Scenarios

hashtagProduction Deployment Best Practices

hashtagSecurity Recommendations

hashtagPerformance Optimization

hashtagCommon Issues & Solutions

hashtagPersonal Gmail Issues

hashtagGoogle Workspace Issues

hashtagNetwork & Firewall Issues

hashtagAlternative Email Providers

hashtagMicrosoft 365 / Outlook

hashtagYahoo Mail

hashtagCustom SMTP Providers

hashtagEnterprise Integration

hashtagLoad Balancing

hashtagCompliance & Logging

hashtagMonitoring & Alerting

hashtagSupport & Resources

hashtagGoogle Support Links

hashtagOpenAlgo Resources