Syneto Knowledge

Open a ticket

How to Configure SMTP Email Alerts Using Microsoft 365 in SynetoOS 5

Super Administrator

Written By Christian Castagna (Super Administrator)

Updated at April 24th, 2026

Table of Contents

Register an Application in Microsoft Entra ID Provisioning a VM on Azure Install and Configure SMTP2Graph Configure Alerting on SynetoOS

→ Applies to: SynetoOS 5.x

This guide explains how to configure SMTP2Graph to relay email through Microsoft 365 using Microsoft Graph API.
Use this procedure when devices or applications must send email through Microsoft 365 without relying on legacy SMTP AUTH.
 

Ensure the following prerequisites are met before starting:

Administrator access to Microsoft Entra ID
Access to the target Microsoft 365 tenant
A Linux host for SMTP2Graph.
Permission to create and manage system services.
A mailbox (or approved sender identity) for outbound messages.

 

Register an Application in Microsoft Entra ID

Step 1. Sign in to the Azure portal and navigate to Microsoft Entra ID

 

Step 2. From the left menu, select App registrations, then click New registration

 

Step 3. Fill in registration name and click Register

Step 4. From the left menu, select App registrations, select the registered application, then go to API permissions

 

Step 5. From Microsoft Graph > Application permissions add the mail.send permission

 

Step 6. After adding the permission, click Grant admin consent for and select your user

IMPORTANT
If the signed-in user is not a Microsoft workspace administrator, explicit admin approval may be required.

 

Step 7. From the left menu, select Certificates & secrets, then click New client secret

Save the newly generated secret key.

 

Provisioning a VM on Azure

Step 1. Sign in to the Azure portal and navigate to Virtual machines

 

Step 2. Click on Create, then select Virtual machine

 

Step 3. Fill in VM name

Keep the default settings.
Set the boot image to Red Hat Enterprise Linux 9.4.

 

Step 4. Under Inbound port rules, select Allow selected ports and add SSH (22)

 

Step 5. Click Review, then Create

Step 6. From the left menu, select the VM Network Settings, click on Create port rule, then select Inbound port rule

 

Step 7. Add inbound security rule

  • Port: 465
  • Protocol: TCP
  • Priority: 340

 

 

Install and Configure SMTP2Graph

Step 1.  From the left menu, select the VM Network Settings and save the VM public IP

Step 2.  From the left menu, select the VM Overview

Save the Application (client) ID and the Directory (tenant) ID

 

Step 3. Connect to the VM via SSH (replace <secret_key> with the secret key from Step 7 in the Register an Application in Microsoft Entra ID subsection, <azure_user> with the Azure User and <VM_public_IP> with the public IP from Step 1)

ssh -i <secret_key>.pem <azure_user>@<VM_public_IP>

 

Step 4. Become Super User

sudo su

 

Step 5. Enable port 465

firewall-cmd --add-port=465/tcp --permanent
firewall-cmd --reload

 

Step 6. Change directory

cd /home

 

Step 7. Download SMTP2Graph

wget https://github.com/SMTP2Graph/SMTP2Graph/releases/download/v1.1.4/smtp2graph-linux-x64.zip

 

Step 8. Unzip the package

unzip smtp2graph-linux-x64.zip

 

Step 9. Change directory

cd dist

 

Step 10. Edit config.yml file

vi config.yml

IMPORTANT
Make sure to copy and paste the exact lines below (replace <tenant_ID> and <application_ID> with the information from Step 2, <secret_key> with the secret key Step 7 in the Register an Application in Microsoft Entra ID subsection and <secure_password> with a password for the user)

mode: full
send:
    appReg:
        tenant: <tenant_ID>
        id: <application_ID>
        secret: <secret_key>
receive:
    port: 465
    secure: true
    allowInsecureAuth: false
    requireAuth: true
    tlsKeyPath: key.pem
    tlsCertPath: cert.pem
    users:
    - username: grafana
      password: <secure_password>

Save and EXIT

:wq

 

Step 11. Give permissions to config.yml file

chmod 600 config.yml

 

Step 12. Generate a self-signed SSL/TLS certificate (replace <VM_public_IP> with the public IP from Step 1)

openssl req -x509 -newkey rsa:4096 \
  -keyout key.pem \
  -out cert.pem \
  -days 365 \
  -nodes \
  -subj "/CN=<VM_public_IP>" \
  -addext "subjectAltName=IP:<VM_public_IP>"

 

Step 13. Make the binary executable

chmod 777 /home/dist/smtp2graph-linux-x64
chcon -t bin_t /home/dist/smtp2graph-linux-x64

 

Step 14. Edit the smtp2graph.service service

vi /etc/systemd/system/smtp2graph.service

IMPORTANT
Make sure to copy and paste the exact lines below

[Unit]
Description=SMTP2Graph Service
After=network.target
[Service]
Type=simple
User=root
WorkingDirectory=/home/dist/
ExecStart=/home/dist/smtp2graph-linux-x64
Restart=on-failure
RestartSec=10
StandardOutput=journal
StandardError=journal
[Install]
WantedBy=multi-user.target

Save and EXIT

:wq

 

Step 15. Restart the services

systemctl daemon-reload
systemctl restart smtp2graph

 

 

Configure Alerting on SynetoOS

Step 1. Configure SMTP Alerts ("How to Configure SMTP Alerts in SynetoOS 5")

In Step 7, set Server address with the public IP from Step 1 in the Install and Configure SMTP2Graph subsection

 

 

Related Articles

Endpoints and Ports in SynetoOS 5

→ Applies to: SynetoOS 5.x IMPORTANT The specific group of firewall ports listed ...

SynetoOS Comparison Table (OS4/OS5)

The comparison highlights the improvements, new features and benefits offered by ...

SynetoOS 5 Architecture and Key Components

→ Applies to: SynetoOS 5.x   Minerva Hypervisor Integration Manages integration w...

SynetoOS 5 Quick Setup

→ Applies to: SynetoOS 5.x Ensure the following prerequisites are met before star...