Settings

(1) SMTP: The channel can be used to receive or send emails via the SMTP protocol.

(2) Auth SMTP: Like (1) but with authentication.

(3) POP3: If POP3 is selected, field (11) has to contain the address of a POP3 server.

(4) IMAP: If IMAP is selected, field (11) has to contain the address of an IMAP server.

(5) Local certificate (S/MIME): A local certificate (with private key) can be assigned to the channel here. This certificate is used to decrypt the incoming data encrypted by the partner and to sign outgoing data.

(6) Partner certificate (S/MIME): A partner certificate, i.e. the public part of a certificate of your partner, can be assigned to the channel here. This certificate is used to encrypt the data to be sent and to check the signature of received data.

(7) Send signed, Send encrypted: Specifies whether data sent from Lobster Integration to the partner system will be signed and/or encrypted. The data is signed with the signature algorithm set in (9) and encrypted using the encryption algorithm set in (10).

(8) Receive signed, Receive encrypted: If set, Lobster Integration rejects received data that is not signed or encrypted. Attention: If the partner sends encrypted or signed data, a local certificate to decrypt the data or a partner certificate to check the signing must still be available, even if the option here in (8) is not set. Otherwise, the message would not be decryptable or the signature could not be checked. But the message will not be rejected.

(9) Signature algorithm: Determines which algorithm is used to sign data sent by Lobster Integration. The setting is only effective if the checkbox Send signed (7) is set. Example: "SHA256".

(10) Encryption: Determines which algorithm is used to encrypt data sent by Lobster Integration. The setting is only effective if the checkbox Send encrypted (7) is set. Example: "AES".

(11) IMAP Server-URL: The address of the POP3/IMAP server. Example: "pop3s//example.com:995".

The allowed protocols are "pop3", "imap", "pop3s", "imaps". The port number can be omitted, in which case the default port number will be used: 110 (pop3), 143 (imap), 995 (pop3s), 993 (imaps). It can be overwritten with a value greater than 0 wherever the channel is used.

(12) SMTP user: Here an alternative SMTP user can be specified if this does not match the value in field "Own ID".

(13) SMTP login method: The authentication procedure for the partner SMTP server can be specified explicitly. Default: "PLAIN".

It is also possible to specify several methods separated by blanks (the order is observed). Example: "NTLM LOGIN PLAIN MD5-DIGEST".

(14) IMAP directory: Name of the IMAP directory from which emails are to be fetched. Only emails from this directory will be read. Any existing subdirectories are not taken into account. To fetch the emails from the inbox of the user account, the value INBOX must be entered in the field. In order to fetch the emails from a subfolder of the inbox of the user account, the value "INBOX.<name of the subfolder>" must be entered.

(15) Connection test: A test email is sent to the partner system with the address specified in the field "Partner address".

(16) OAuth2 (Bearer) and (17) Retrieval login method, Retrieval user name: For OAuth2 authorization. The necessary values/settings and the procedure are very dependent on the respective provider (e.g. Microsoft, Google, etc.). Two grant types are available: Refresh Token and Client Credentials. Below you will find a small configuration example for the grant type "Client Credentials" and the provider Microsoft Azure, but we cannot guarantee that this information is up-to-date. Please always refer to the documentation of the respective provider. The grant type "Refresh Token" is a little bit more complicated, because you have to fetch a refresh token manually first (grant type "Authorization Code") (e.g. with Postman or an HTTP channel), but that would go beyond the scope here. C ontact our support team for more details if necessary.

Example Microsoft Azure

images/download/attachments/177897580/1273-version-2-modificationdate-1743741364234-api-v2.png

(16.1) Own ID: User name of the email box. Example: "john.doe@example.com".

(16.2) Own password: Password for (16.1).

(16.3) Partner address: SMTP URL of the email box. Example: "smtps://smtp.office365.com:587".

(16.4) Grant type: Select value " Client Credentials".

(16.5) Refresh URL: Use value " https://login.microsoftonline.com/<tenant_ID>/oauth2/v2.0/token" , where instead of <tenant_ID> you have to enter your own tenant ID (displayed to you in Azure). Example: "https://login.microsoftonline.com/3c5a7a7d-f8cd-777b-b9c3-e123456abc/oauth2/v2.0/token".

(16.6) Client ID: The client ID is called 'Application (client) ID' in Azure. Example: "bc8e0b59-123xxx123-111xx456".

(16.7) Client secret: The client secret is only displayed once in Azure when setting up an application and is called 'Value' . Important note: The client secret has a validity period in Azure.

(16.8) Scopes: The permissions that the token should receive are defined here. Use value " https://outlook.office365.com/.default". Note: See also https://learn.microsoft.com/en-us/graph/permissions-reference (→ section "Mail permissions"). Note: The input of individual values can be completed with the Enter key. However, you can also enter several values at once, each separated by a space.

images/download/attachments/177897580/1274-version-2-modificationdate-1743741375522-api-v2.png

(16.9) IMAP Server-URL: Use value " imaps://outlook.office365.com".

(16.10) SMTP user: Can be left empty, then the value from (16.1) is used.

(16.11) SMTP login method: Can be left empty, then "PLAIN" is used.

(16.12) IMAP directory: Use value "INBOX".

(16.13) Retrieval login method: Use value "XOAUTH2", then OAuth2 is used.

Communication paths

With a "Mail" channel, the following three communication paths are covered.

The channel is selected in a profile with an Input Agent of type "SMTP". In this case, the partner system logs in to Lobster Integration to submit emails to Lobster Integration. The content of the "Partner ID" field corresponds to the sender address, provided it is not overwritten in the profile. If the AuthenticationService is defined as the SmtpAuthenticator, then the remote system must use the contents of the fields "Partner ID" and "Partner password" for the login. If no SmtpAuthenticator is defined (or not the AuthenticationService), the contents of the fields "Partner ID" and "Partner Password" have no relevance.
The channel is selected in a profile with a time-driven Input Agent of type "Mail" and subtype "IMAP" or "POP3". In this case, Lobster Integration logs in to the partner system (IMAP server). For this, it uses the contents of the fields "Own ID" and "Own Password". The emails are then read from the IMAP directory.
The channel is selected in a profile with a Response of type "Mail". In this case, Lobster Integration logs on to the partner system (SMTP server), which can be reached via the "Partner address". For this, it uses the contents of the fields "Own ID" and "Own Password". The emails are then transferred to the partner system using the SMTP protocol. If the "Partner address" field is empty, the values for the "Partner address", "Own ID" and "Own Password" are replaced by the corresponding values in the configuration file ./etc/startup.xml (see the following listing). The content of fields "Own ID" and "Own password" are ignored in such a case.

<Call name="addApplication">
    <Arg>
        <New class ="com.ebd.util.net.mail.HubStartupConfiguration">
            <Call name="setMailSettings">
                <Arg>localhost</Arg>
                <Arg type="int">25</Arg>
                <Arg>user</Arg>
                <Arg>password</Arg>
            </Call>
        </New>
    </Arg>
</Call>

Instead of "localhost", the address of the server is entered. The port on which the SMTP server is listening is specified in the line afterwards. This is followed by the optional information for user and password.