Beginning with version 23.241.1, Azure XOAUTH XMTP with GCC High is supported.

Microsoft is replacing basic authentication with oAuth for emails sent using Office 365 in 2023. To address this change, beginning with version 22.1.1, FileCloud supports oAuth as an SMTP authentication method. To use SMTP oAuth with FileCloud, you must use Azure as an authorization provider.

FileCloud can send various messages to users via email, including:

share notifications
file change notifications
error notifications

For email to work smoothly with your system, configure the Email Settings below.

To configure email settings:

In the FileCloud admin portal's left navigation bar, scroll down and click Settings. Then, on the Settings navigation page, click Email .
The Email settings page opens.
The general settings on the page begin with System email from address and go through Email type, as shown in the screenshot below.

Fill in the settings as shown in the following screenshot, using the table below as a guide.

General email setting information:

Setting	Description
System email from address	By default, System email from address is listed on emails if there is no email from address (for example, when emails are sent by the system or by workflows). By default, admins cannot change the System email from address; it is set to fchosted@filecloudmail.com. If you want to change the System email from address or you want admin permission to change the System email from address, please Contact FileCloud Support. If you are using SMTP as your email type, and set SMTP AUTH type (listed below, under SMTP Configuration) to XOAUTH2, then set System email from address to the same value as SMTP AUTH username. This is required for successful use of Azure as the authentication provider.
System email from name	By default, System email from name is listed as the from display name from which email messages are sent to users. It is used if there is no email from name (for example, when emails are sent by the system or by workflows).
Use system from name and address	To conceal the sender, list the System email from address and System email from name for all user share emails, even if an actual from address and name exist.
Email Reply to address	By default, Email Reply to address is listed on emails if a reply to address does not exist (for example, when emails are sent by the system or by workflows).
Email Reply to name	By default, Email Reply to name is listed on emails when a recipient replies to an email without a reply to name (for example, when emails are sent from the system or by workflows).
Use Reply to name and address	To conceal the sender, list Email Reply to address and Email Reply to name for all user share emails, even if an actual reply to address and name exist.
Email type	Specify the email facility to be used. The type can be SMTP, Mail or SendMail. Note that Mail and SendMail use the underlying OS's function (and are available only for Debian/Ubuntu installation). The recommended setting is SMTP.

If you choose SMTP for Email Type, complete the following steps for filling in the SMTP fields. If you choose Mail or SendMail for Email Type, skip these steps, and go to Do Not Email Settings.

SMTP Configuration

Note: You must have an SMTP account to set up email using SMTP.

To configure SMTP in Email settings:

In Email Type, choose SMTP.
The SMTP fields below it become enabled.

Fill in the SMTP fields according to the descriptions in the following tables.
The value you choose for SMTP Auth Type determines which additional SMTP fields are displayed below.

Office 365 Settings

When using Office 365, SMTP settings must be set to the following values:

Setting	Recommended value
SMTP host	smtp.office365.com
SMTP port	587
SMTP connection security	TLS
SMTP AUTH username, SMTP AUTH password	Enter the sign in credentials of the hosted mailbox being used.

For more information about SMTP configuration for Office 365 accounts see the Microsoft Office Support Article.

SMTP Setting	Description
SMTP Host	SMTP Server to use for sending email
SMTP Port	The SMTP port to use to connect to SMTP Host (provided by your SMTP provider)
SMTP Security	If your SMTP provider uses SSL or TLS security then select the appropriate value.
SMTP AUTH enabled	If SMTP requires authentication, then check this to enable and enter the authentication settings.
SMTP AUTH type	SMTP Auth Type may be Basic or XOAUTH2. The option you choose determines which additional SMTP fields follow. Basic authentication requires the user to enter a username and password. It is supported by many email providers, but is being deprecated in Microsoft 365 in Exchange Online in early 2023. XOAUTH2 refers to OAuth 2.0 authentication, which uses temporary single-use tokens to provide a more secure method of verification. XOAUTH2 will now be used with Microsoft 365 for Exchange Online and is also the method used by a number of other providers.

If you choose Basic for SMTP Auth Type, enter values for the following fields:

Field	Value to enter
SMTP AUTH username	The authentication username.
SMTP AUTH password	The password for SMTP AUTH username.

If you choose XOAUTH2 for SMTP Auth type:

Review the following information.
XOAUTH2 token generation must be performed by the FileCloud master admin and not by a promoted admin user.
To avoid configuration issues with Microsoft 365 XOAUTH2 setup due to Azure permissions settings, we recommend the following:
If you are able to use an Azure global admin as the SMTP AUTH username in FileCloud:
1. Use an Azure global admin account to create the FileCloud XOAUTH2 application.
2. Use the same Azure global admin account in the FileCloud email settings System Email from address, Email Reply to address, and SMTP AUTH username.
3. Use the Azure global admin account to grant permissions when generating the XOAUTH2 token.
If you are not able to use an Azure global admin as the SMTP AUTH username in FileCloud:
1. Use an Azure global admin account to create the FileCloud XOAUTH2 application.
2. Do not use the same Azure global admin account for the FileCloud email settings System Email from address, Email Reply to address, and SMTP AUTH username, but do set all three of these fields to a single email address.
3. Assign the email entered into SMTP AUTH username to the FileCloud XOAUTH2 application:
  1. Log into portal.azure.com and go to Microsoft Entra ID > App registrations.
  2. Click the FileCloud XOAUTH2 application, and in the navigation panel, click Roles and administrators.
  3. Click Cloud Application Administrator, and then click Add assignments and assign the FileCloud SMTP AUTH username to the FileCloud XOAUTH2 application.
4. Use the SMTP AUTH username to grant permissions when generating the XOAUTH2 token.
If neither of the above options work, confirm that SMTP AUTH is enabled for the SMTP AUTH username and your Organization:
To check if SMTP AUTH is enabled for the SMTP AUTH username:
1. Open Microsoft 365 admin center and go to Users > Active Users and check the SMTP Auth User.
2. In the right panel, click Mail, and then click Manage Email apps.
3. If Authenticated SMTP is not checked, check it.
To check if SMTP AUTH is enabled for your Organization:
1. Go to the Microsoft Exchange admin center and click Settings, then click Mail flow.
2. If Turn Off SMTP Auth Protocol for your Organization is not checked, check it and click Save.
If none of these options work, contact Microsoft Support for help.
Go to the page Microsoft Azure and XOAUTH2 setup guide and follow the instructions under Configure an OAuth2 app in Microsoft Azure to register your oAuth application in portal.azure.com.
In the Email settings page, scroll down to SMTP Auth User and the oAuth fields.

Fill in the SMTP oAuth fields on the Email Settings page listed in the table below:
For the fields oAuth Client Secret, oAuth Client ID, oAuth Tenant ID, and oAuth Redirect URI , retrieve the values from portal.azure.com after registering the oAuth application.


SMTP Auth User	Enter the authentication username You must set Email From Address (described above under General email setting configuration) to the same value as SMTP Auth User. This is required for successful use of Azure as the authentication provider.
SMTP oAuth Provider	Choose the oAuth provider (authorization server). Currently, the only available option is Azure.
oAuth Client Secret	The secret key your FileCloud system uses to get a temporary token from the authorization server.
oAuth Client ID	Application (client) ID from the SMTP provider application. This ID is used to get the temporary token from the authorization server.
oAuth Tenant ID	Directory (tenant) ID used to get the temporary token from the authorization server. (This field is applicable only when Azure is the provider; when other providers are added, it will not be required for them.)
oAuth Redirect URI	The location (appended with the parameter holding the token) where the authorization server should send the user after the token has been generated. The location specified should be your FileCloud domain. Use the format https://your-filecloud-domain.com/admin/getoauthtoken
oAuth Azure Graph URL oAuth Azure Auth URL oAuth Azure Outlook URL	If you are using Azure XOAUTH SMTP with GCC High, fill in these fields as follows: If you are using Azure XOAUTH SMTP without GCC High, these settings default to the correct values for the non-GCC High setup, and it is not necessary to enter them. However, you may enter the correct values, which are: https://graph.microsoft.com https://login.microsoftonline.com https://outlook.office.com
Complete oAuth Setup	Click Generate oAuth Token so you can begin using email with oAuth.

If your SMTP AUTH type is XOAUTH2, do the following:
After you have filled in the SMTP fields, click Generate OAuth Token.
If you are not logged in to your Microsoft authenticator app, you are prompted to log in so you can access Azure to generate the token.
Once the OAuth token is generated, the following XML appears on your screen:

Click Send email at the top of the screen to test the settings.

If your setup is valid, the email is sent to the admin's email, and a success notification appears on your screen.

Do Not Email Settings

Emails get added to the Do not email list when users click unsubscribe in the email body.
Beginning with FileCloud version 20.3, admins can add or remove users from the Do not email list by clicking Manage beside Do not email list.
Admins can specify the maximum number of emails that system can send in a 24 hour span.
Users on the Do not email list do not receive any emails unless Ignore "Do not email" list for priority emails or Ignore "Do not email" list are checked.

To send emails to users on the Do not email list

By default, users on the Do not email list do not receive any emails

To allow users on the Do not email list to receive important emails like password recovery and 2FA, check the Ignore "Do not email" list for priority emails checkbox .
To ignore the Do not email list and send all emails to users who are on the list., check the Ignore "Do not email" list checkbox.

To add or remove users from the Do Not Email list:

Next to Do not email list, click Manage.
The Manage Do Not Email List dialog box opens.
To add an email to the list, click Add Email, then enter and save an email address.
To remove an email from the list, check the box next to the email and click Remove Email.

To limit the number of emails sent to a user

If your users are receiving too many email notifications, you can limit the number of FileCloud system-generated emails sent to them in 24 hours.
In the field Maximum number of emails to send in 24h at the bottom of the Email settings page, enter the maximum number of system emails to be sent each user per day.