Please rate how useful you found this document: 
Average: 5 (1 vote)

Overview

ProcessMaker can be configured to send out emails to keep its users updated about new cases in their inbox and receive notifications at specific times while running cases. This page explains the settings to be used to configure the email servers within ProcessMaker.

It is possible for the user to configure the email servers in order to use the following components:

  • Tasks: Automatically sends an email to a user when they are assigned to a task in a case.
  • Events: Sends Message Events to users at a particular time during the course of a case.
  • Trigger code: Trigger code with the PMFSendMessage() function.
  • Case Notes: Sends emails containing the case notes to all users who participate in the case.

Note: The email settings have been tested with Gmail, Yahoo and Hotmail services. It is not recommended to use Office 365, since it has not been tested yet and some configurations may not work as expected.

Edit the Email Server Configurations

Allow ProcessMaker to send out email notifications by logging on to ProcessMaker with a user such as "admin", who has the PM_SETUP permission in their role.

Note: Users must have the PM_SETUP_EMAIL permission assigned to their role to access the ADMIN > Settings > Email Servers option.

To edit the Email Server configuration, follow these steps:

  1. Go to ADMIN > Settings > Email Servers.

  2. Select the only item listed on the screen. This item represents an email server that is not configured yet and it is called MAIL.

  3. Click on the Edit button to change the configuration of this email server.

  4. A new window Edit Email Server displays, where the following Email Engine options are presented:

Email Server Configuration Options

In the Edit Email Server window, the Email Engine field must first be defined. In this dropdown select either:

  • SMTP (PHPMailer): This option sends email using the PHPMailer program. Select this option to use an email server that supports the Simple Mail Transport Protocol (SMTP). If your organization does not have its own email server (such as sendmail, postfix, or exim), use an external email service (such as Gmail, Yahoo or Hotmail) that supports SMTP. If using an external email service, read the configuration information below for Hotmail, Yahoo or Gmail, or see this list for the SMTP configuration of other email providers.
  • SMTP - IMAP (PHPMailer): This option stores email messages in a mail server, but allows the end user to view and handle the messages as though they were stored locally in the end user's computing device(s). Available Version: As of ProcessMaker 3.4.0.
  • Mail (PHP): Select this option to use PHP's mail() function to send emails via the Mail Transfer Agent (MTA), such as SendMail, Postfix or Exim, which is installed and configured on the same server where ProcessMaker is installed. Make sure that the php.ini file in the server is configured to use the MTA. If unable to deliver mail, check the sendmail_path setting. If using a Windows server, it may be necessary to change the SMTP and stmp_port settings.
  • GMAIL API (PHPMailer): Select this option to send emails using a Gmail account and if Less secure app access option is disabled in this Google account. ProcessMaker provides connection with given access tokens by Google rather than credentials, which provide security when setting personal data.

SMTP (PHP Mailer)

This section discusses how to configure the SMTP (PHPMailer) option, as accessed from Email Engine setting of the Edit Email Server window.

If this option is selected in the Email Engine option, the following fields must be filled in:

Where:

  • Server: The IP address or domain name for the email server. For example, "smtp.gmail.com", "smtp.mail.yahoo.com" or "smtp.example.com".
  • Port (default 25): The port number used by the email server. Generally port 25 is used, or alternatively port 587. If connecting to the email server with a SSL or TLS connection, generally port 465 is used. If left blank, the default port 25 will be used. (See also the corresponding settings by email provider.)

    Note: Make sure that a firewall is not blocking this port on your ProcessMaker server.

  • Require Authentication: Check this option to enable authentication. When checked, it displays the Password field.
    • Password: The password for the user account.
  • Sender Account: The name of the user account from which emails are sent from. Some email servers, such as Gmail, require that the account name includes the full email address, such as: johndoe@gmail.com.
  • Sender Email: Email account from which the email notifications will be sent to. Otherwise as of ProcessMaker 3.3.0, if Sender Email is empty, the Sender Account replaces it.
  • Sender Name: Set the name of the email address from which emails are sent from, such as "My Company Admin". If left blank the emails are sent from "ProcessMaker" by default. When the flow of a process reaches an Intermediate Email event and the Sender Name is left blank, the Sender Name displays the value of the Sender Account field by default.
  • Use Secure Connection: Select whether the email requires a secure connection:

    Note: It is strongly recommended to establish secure connections with email servers using SSL or TLS security certificates by enabling one of the two previous options.

  • Send a test mail: Check this option to send a test mail. When checked, it displays the Mail to field.

    • Mail to: Email account to which the test mail will be sent to.
  • Set as default configuration: If checked, this will set this email configuration as default from now on.

Note: To use Office 365 that usually requires more time to connect than other message services, as of ProcessMaker 3.3.0 an IT manager can define the SMTP server timeout when sending emails. To do this, configure the smtp_timeout parameter in the env.ini file.

Mail (PHP)

This section discusses how to configure the Mail (PHP) option, as accessed from Email Engine setting of the Edit Email Server window.

If using this option, no configuration information needs to be entered.

  • Sender Email: The email account from which the email notifications is sent to. Otherwise as of ProcessMaker 3.3.0, if Sender Email is empty, the "Mail (PHP)" label replaces it.
  • Sender Name: Set the name of the email address from which emails are sent from, such as "My Company Admin". If left blank, then emails will be sent from "ProcessMaker" by default. When the flow of a process reaches an Intermediate Email event and the Sender Name is left blank, the Sender Name displays the value of the Sender Account field by default.
  • Send a test mail: Check this option to send a test mail. When checked, it displays the Mail to field.

    • Mail to: Email account to which the test mail will be sent to.

Testing the Email Configuration

This section discusses how to test Email configurations, as accessed from Email Engine setting of the Edit Email Server window.

Note: Test button is not available for GMAIL API (PHPMailer) Email Engine.

After filling Email server fields, follow this steps:

  1. Click on the Test button to test the email configuration.

  2. If there is an error when configuring the server, a red X appears as seen in the image below. Go back to settings and when configured, test again.

  3. If the Send a test mail option was selected, a test email from ProcessMaker administrator arrives:

  4. After all the tests pass, click on the Save Changes button to save the email configuration.

    Note: Take into account that when using one email account in the Sender Account field, but a different Sender Email account, the from account sent in the emails will always be the account set in the Sender Account field. The account set in the Sender Email field will be sent as the reply-to.

GMAIL API (PHPMailer)

This section discusses how to configure the GMAIL API (PHPMailer) option, as accessed from Email Engine setting of the Edit Email Server window.

Available Version: As of ProcessMaker 3.4.7.

  1. If this option is selected in the Email Engine option, the following fields must be filled in:

    • Client ID, Client Secret: Tokens provided by Google. To generate this tokens, check how to obtain an access from the Google Authorization Server.

    • From Account: The name of the user account from which emails are sent from. It is required that the account name includes the full email address, such as: johndoe@gmail.com.
    • Sender Email: Email account from which the email notifications will be sent to. Otherwise as of ProcessMaker 3.3.0, if Sender Email is empty, the From Account replaces it.
    • Sender Name: Set the name of the email address from which emails are sent from, such as "My Company Admin". If left blank the emails will be sent from "ProcessMaker" by default. When the flow of a process reaches an Intermediate Email event and the Sender Name is left blank, the Sender Name displays the value of the Sender Account field by default.
    • Send a test email: Check this option to send a test mail. When checked, it displays the Mail to field.
    • Mail to: Email account to which the test mail will be sent to.
    • Set as default configuration: If checked, this will set this email configuration as default from now on.
  2. After filling in the email settings, click on the Continue button to validate the email configuration.

  3. You will be redirected to Google Account Validation. Select your Gmail account to proceed.

  4. Click the Allow button to confirm access.

  5. The Gmail account is now set up properly.

Restrictions

To avoid errors when setting GMAIL API Engine, these cases should be considered:

  • When the Client ID has incorrect values, Google Account page reports the 401 error: The OAuth client was not found. This happens when editing or setting a new server.

  • When the From Account field is edited with a value that does not belong to the Client Secret field (even if email does not exist), no error is displayed and emails saved with this configuration are not sent.
  • If the Authorized domain value is not set up correctly on the Google Console, it reports a 400 error: The redirect URI does not match the ones authorized for the OAuth client.

Settings of Common Email Providers

The following sections explain how to set the email servers for common email providers ProcessMaker supports:

Email Configuration for Gmail

This section documents email configuration settings for Gmail:

  • Email Engine: SMTP (PHPMailer)
  • Server: smtp.gmail.com
  • Port: 587
  • Require authentication:
  • Sender Account: account_name@gmail.com or account_name@company_name.com
  • Password: account_password
  • Use Secure Connection: TLS

To save a copy of outgoing emails in the Sent folder of a Gmail account, IMAP needs to be enabled:

  1. Sign in to your Gmail account.

  2. Click the gear icon located in the top right of the sceen.

  3. Select Settings.

  4. Click Forwarding and POP/IMAP.

  5. Select Enable IMAP.

  6. Click Save Changes.

Note: If there is a problem connecting to your Gmail account, you probably need to Allow the access to your Google account by following this link in the same browser where you have your account session logged in.

Gmail 2-Step Verification

If using a 2-Step Verification Gmail account, it is necessary to use a Google Application Password to make a connection with ProcessMaker.

To do this, follow the next steps:

  1. Log on to your Gmail account and go to your App passwords page.

  2. Click Select app and choose the Other option.

  3. Write ProcessMaker in the text field and click the Generate button.

  4. An App password (the 16 character code in the yellow bar) will be generated. Copy the code and click Done to exit. Take into consideration that each app password is only used once, and once that app password is generated cannot be used again.

    The new app password will be listed and ready to use.

  5. Go to the Email Server Configuration in ProcessMaker, and instead of your normal password place the 16-character code in the Password field.

  6. After filling in the email settings, click on the Test button to test the email configuration.

Turn on Access for less secure apps in Gmail

Warning: G Suite began to remove Enforce access to less secure apps (LSA) for all users on October 30, 2019. Please refer to the ProcessMaker's Email Configuration for Gmail using SMTP Relay for functionality that might meet your needs.

Gmail does not allow emails to be sent from apps that seem to be less secure. The Access for less secure apps option needs to be enabled in the Gmail account in the Sender Account field if sending the test email fails with the error message: SMTP Error: Could not authenticate.

Google will send a warning email to your Gmail account with the following text:

Google just blocked someone from signing into your Google Account
xxxx@gmail.com from an app that may put your account at risk.

For example:

Click on the "allowing access to less secure apps" link at the bottom of the email. It will open a new tab or window to allow access from less secure apps. In the Access for less secure apps option, select the Turn on option.

Now it is possible for ProcessMaker to send out emails from your Gmail account.

Email Configuration for Gmail using SMTP Relay

This section documents email configuration settings for Gmail using SMTP relay:

  • Email Engine: SMTP (PHPMailer)
  • Server: smtp-relay.gmail.com
  • Port: 587
  • Sender Account: account_name@company_name.com
  • Use Secure Connection: TLS

To run the email server correctly, you must enable the SMTP relay.

Enable SMTP Relay

If your organization uses an SMTP service through Google, you can configure the SMTP relay service to route outgoing mail. Take into account that you must have a G Suite account. To do this, follow the next steps:

  1. Log on as an administrator.

  2. Click Chrome App Launcher at the top right of the screen.

  3. Click More.

  4. Click Admin.

  5. The Admin Console screen displays. Click Apps.

  6. The Apps screen displays. Click G Suite.

  7. The G Suite screen displays. Check the Gmail option listed.

  8. The Settings for Gmail screen displays. Scroll to the bottom of the page and click Advanced settings.

  9. The General Settings tab displays. Make sure to select the top-level organization on the left.

  10. Scroll to the Routing section, hover over the SMTP relay service setting, and then do one of the following:

    • If an SMTP relay is not configured, click Configure.
    • If the setting is already configured, click Edit or Add Another.

    In this case click Add Another.

  11. The Add setting window displays. In the SMTP relay service section, enter a unique description.

  12. In the Allowed senders section, select the users who are allowed to send messages through the SMTP relay service. In this case ProcessMaker recommends Only addresses in my domains. It means that the sender does not have to be a recognized G Suite account, but must be in one of your registered domains. This can be useful when you have third-party or custom applications that need to send messages. If you chose to only accept messages from specified IP addresses in my domains, the IP addresses / ranges section becomes enabled.

  13. In the Authentication section, check Only accept mail from the specified IP addresses. It means that the system only accepts mail sent from these IP addresses as being sent from your domain. After checking Only accept mail from the specified IP addresses, add IP addresses by following these steps:

    a. In the IP addresses / ranges section, click ADD IP RANGE or Add IP range.

    b. A new window displays. In the Description field, enter a description for the IP address or range.

    c. In the IP address/range field, enter the IP address or range. Use the Classless Inter-Domain Routing (CIDR) format to enter an IP range; for example, 123.123.123.123. Use your own public IP address. The maximum number of IP addresses that you can specify in the range is 65,536. It is recommended that you keep the allowed IP range as narrow as possible for security reasons. You can also use IPv6 address formats to specify an IP address; for example, 1050::5:600:300c:326b.

    d. Check the Enabled box to enable this IP address or range.

    e. Click SAVE. The new IP range is listed in the IP addresses / ranges section.

  14. In the Encryption section, check the Require TLS encryption box that requires the communication between your server and Google’s server to be TLS encrypted, including the message contents.

    Note: If your email server does not support TLS, do not check this box. If you check this box, Google will reject messages that are not encrypted.

  15. Click ADD SETTING.

  16. The General Settings tab lists the new SMTP relay service at the bottom. Click SAVE. It can take up to an hour for changes to propagate to user accounts.

To know more about the SMTP relay setting, see SMTP relay.

Email Configuration for Yahoo!

This section documents email configuration settings for Yahoo!:

  • Email Engine: SMTP (PHPMailer)
  • Server: smtp.mail.yahoo.com
  • Port: 587
  • Require authentication:
  • Sender Account: account_name@yahoo.com
  • Password: account_password
  • Use Secure Connection: TLS

Note: Yahoo limits accounts to 500 emails per day and emails can only be addressed to a maximum of 100 recipients.

Email Configuration for Hotmail

This section documents email configuration settings for Hotmail:

  • Email Engine: SMTP (PHPMailer)
  • Server: smtp.live.com
  • Port: 25 or 587
  • Require authentication:
  • Sender Account: account_name@hotmail.com
  • Password: account_password
  • Use Secure Connection: TLS

Note: Hotmail accounts are limited to a maximum of 300 messages per day and up to 100 recipients per message. However, you can increase your Hotmail message sending limits.

Email Configuration for Outlook

This section documents email configuration settings for Outlook:

Settings for Outlook accounts:

  • Email Engine: SMTP (PHPMailer)
  • Server: smtp-mail.outlook.com
  • Port: 25 or 587
  • Require authentication:
  • Sender Account: account_name@hotmail.com
  • Password: account_password
  • Use Secure Connection: TLS

Checking the Email Configuration

To make sure that ProcessMaker is properly configured to connect to an email server, go to ADMIN > Settings > Email Servers and send a test email as shown in the sections above. If ProcessMaker is unable to connect to the email server, check the address, port number and firewall.

Check the Address

If the test email fails, then first verify that the ProcessMaker server can connect to the email server. Go to the command line of the ProcessMaker server and issue a ping. (Use CTRL+C to stop the pings.)

For example:

ping smtp.mail.yahoo.com PING smtp.mail.us.am0.yahoodns.net (98.138.84.55) 56(84) bytes of data. 64 bytes from vcs-s-myc.mail.vip.ne1.yahoo.com (98.138.84.55): icmp_req=1 ttl=48 time=210 ms 64 bytes from vcs-s-myc.mail.vip.ne1.yahoo.com (98.138.84.55): icmp_req=2 ttl=49 time=189 ms 64 bytes from vcs-s-myc.mail.vip.ne1.yahoo.com (98.138.84.55): icmp_req=3 ttl=48 time=210 ms 64 bytes from vcs-s-myc.mail.vip.ne1.yahoo.com (98.138.84.55): icmp_req=4 ttl=48 time=215 ms --- smtp.mail.us.am0.yahoodns.net ping statistics --- 5 packets transmitted, 4 received, 20% packet loss, time 4001ms rtt min/avg/max/mdev = 189.429/206.650/215.775/10.173 ms

Note: Some systems may block the ICMP packets used by ping, so the email server may be operating even if the ping fails.

Check the Ports

Then, check which ports are being used by the email server with a tool such as Nmap, which shows which ports are being used.

For example, to check which ports are used by smtp.mail.yahoo.com:

nmap smtp.mail.yahoo.com Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-26 12:55 BOT Nmap scan report for smtp.mail.yahoo.com (98.139.212.139) Host is up (0.16s latency). Hostname smtp.mail.yahoo.com resolves to 3 IPs. Only scanned 98.139.212.139 rDNS record for 98.139.212.139: vcs-s-myc.mail.vip.bf1.yahoo.com Not shown: 996 filtered ports PORT STATE SERVICE 25/tcp open smtp 80/tcp closed http 465/tcp open smtps 993/tcp closed imaps Nmap done: 1 IP address (1 host up) scanned in 11.38 seconds

In this case, smtp.mail.yahoo.com is using port 25 for unsecured email and port 465 for email with a secure connection.

To check which ports are being used by the local machine, use netstat -tanp in Linux/UNIX or netstat -anb in Windows.

For example, to figure out which port is being used by the EXIM mail server on the local machine:

netstat -tanp Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1596/cupsd tcp 0 0 0.0.0.0:45367 0.0.0.0:* LISTEN 1113/rpc.statd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2269/exim4 tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 1872/mysqld tcp 0 0 127.0.0.1:80 0.0.0.0:* LISTEN 1464/apache2 tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1098/rpcbind tcp 0 0 127.0.0.1:7634 0.0.0.0:* LISTEN 1654/hddtemp

Check the Firewall

If the test email fails, then make sure that no firewall is blocking the port used by the email server.

Linux/UNIX:

To see which ports are open, use the netstat command as shown above. To check the status of iptables, use the command: iptables -L -n -v

For example, the following output indicates that iptables is not configured, so no traffic should be blocked:

iptables -L -n -v Chain INPUT (policy ACCEPT 3951 packets, 2148K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 4007 packets, 517K bytes) pkts bytes target prot opt in out source destination

Windows:

To see which ports are open, use the netstat command as shown above.

To check the status of Windows firewall:

In Windows XP/2003/Vista, use the command: netsh firewall show state
In Windows 7/2008, use the command: netsh advfirewall firewall

Note: The command is not available in Windows 7, check this response in this forum to learn about a way to view the ports.

Sending Emails from Different Server and User Accounts

By default, all emails are sent out by the email server and user account configured in ADMIN > Settings > Email. In some processes, however, it may be appropriate to send emails from a different email server and/or user account. The config parameter has been added to the PMFSendMessage() function, in order to allow emails to be sent out with a different email server and/or user account.

To create a trigger that sends out an email from a custom email server and/or user account follow this steps:

  1. Go to DESIGNER and open a process for editing.

  2. Go to the Triggers tab and click on New.
  3. Select ProcessMaker Functions and click on PMFSendMessage() in the list:

  4. See the documentation for this function. The parameter to configure an alternative email server is the last parameter of the function.

  5. The function definition of PMFSendMessage():

    int PMFSendMessage(string caseId, string from, string to, string cc, string bcc,string subject, string template, array aFields=array(), array aAttachments=array(), boolean showMessage=true, int delIndex=0, array config=array())
  6. To use an alternative email server and/or user account, the config parameter of PMFSendMessage() should be set either a string with the UID of the email server or account settings, or an associative array with the following values as the keys:

    • MESS_ENGINE: Select the email server that will be used to send out emails. Possible values include:
      • "PHPMAILER": This option sends email using the PHPMailer program, which is recommended if using an external email service (such as Yahoo!, gmail, hotmail, etc.) or if the server running ProcessMaker is not configured to use a Mail Transfer Agent (such as SendMail, Postfix, exim, etc.).
      • "MAIL": This option uses PHP's mail() function to send the email, which means that the server running ProcessMaker should have a Mail Transfer Agent (such as SendMail, Postfix, Exim, etc.) and PHP should be configured to use it. If this option is used, then the MESS_SERVER, MESS_PORT and SMTPSecure parameters are ignored.
    • MESS_SERVER: The IP address or domain name of the email server. For example, "smtp.live.com" or "smtp.example.com".
    • MESS_PORT: The port number used by the email server. Generally port 25 is used, or alternatively port 587. If connecting to the email server with an SSL or TLS connection, generally port 465 is used.
    • MESS_ACCOUNT: The name that will be used in the From field of the message. It can be an email address, such as "johndoe@example.com", or a name, such as "John Doe" or "Acme Inc.". This value depends upon the email provider. For example, the Gmail email server always uses an email address in this field. If this field is an email address, the MESS_FROM_MAIL parameter is ignored, but if it is a name, MESS_FROM_MAIL should be set to a valid email account.
    • MESS_FROM_MAIL: If MESS_ACCOUNT is set to a name, set this value to the email address from which the notification will be sent, such as: "johndoe@example.com".
    • MESS_RAUTH: Set to 1 if the server requires authentication, meaning that a password is required; otherwise, set it to 0.
    • MESS_PASSWORD: The password of the user account.
    • SMTPSecure: Select whether the email requires a secure connection:
      • "": Set to an empty string if a secure connection to the email server is not required.
      • "ssl": If using Secure Sockets Layer to connect to the email server.
      • "tls": If using Transport Layer Security to connect to the email server.

Emailing Members of a Group

In this example, the members of a group named "Employees" will receive emails from a Gmail account that is specified in the associative array $serverConfig, which is passed to the config parameter of PMFSendMessage():

$groupName = "Employees";
$query = "SELECT "
        . "DISTINCT GROUP_USER.USR_UID "
        . "FROM GROUPWF "
        . "INNER JOIN GROUP_USER ON ("
        . " GROUPWF.GRP_ID=GROUP_USER.GRP_ID AND "
        . " GROUPWF.GRP_TITLE='{$groupName}' "
        . ")";

$result = executeQuery($query);
if (!is_array($result) || count($result) < 1) {
    $g = new G();
    $g->SendMessageText("Unable to find any users in group '$groupName'.", "WARNING");
} else {
    $to = "";
    foreach ($result as $record) {
        $userInfo = userInfo($record['USR_UID']);
        if (empty($to)) {
            $to = $userInfo['mail'];
        } else {
            $to .= ", " . $userInfo['mail'];
        }
    }
    $serverConfig = [
        "MESS_ENGINE" => "PHPMAILER",
        "MESS_SERVER" => "smtp.gmail.com",
        "MESS_PORT" => 465,
        "MESS_ACCOUNT" => "manager@company.com",
        "MESS_FROM_MAIL" => "",
        "MESS_PASSWORD" => "xxxxxx",
        "SMTPSecure" => "tls",
        "MESS_RAUTH" => 1
    ];
    PMFSendMessage(@@APPLICATION, 'manager@company.com', $to, '', '', 'Expenses for Project', 'projectExpenses.html', [], [], true, 0, $serverConfig);
}