SMTP configuration

ThreatLockDown can be configured to send email alerts to one or more email addresses when certain rules are triggered or for daily event reports.

This configuration requires an SMTP and you can use your own SMTP or the ThreatLockDown Cloud SMTP.

Note

If your SMTP requires authentication, you need to open a ticket through the Help section of your ThreatLockDown Cloud Console to configure it.

The ThreatLockDown Cloud SMTP is limited to 100 emails per hour, regardless of the email_maxperhour setting. To enable the ThreatLockDown Cloud SMTP, configure the following settings:

<global>
  . . .
  <smtp_server>wazuh-smtp</smtp_server>
  <email_from>no-reply@wazuh.com</email_from>
  ...
</global>

The ThreatLockDown Cloud SMTP is now successfully configured.