Configuring your email server
Configuring the connection between your SMTP server and Burp Suite Enterprise Edition enables some useful features, such as sending email invites to newly created users and automatically sending end-of-scan reports to users when their scan is complete.
Note: Your network settings for the Enterprise server are used to generate links sent as part of emails from Burp Suite Enterprise Edition. Before you can integrate your email server, you need to configure your network settings.
To configure your email server:
- Log in to Burp Suite Enterprise Edition as an administrator.
- In the upper-right corner of the screen, select the settings icon and go to "Network".
You should have already configured your network settings here. However, if you configured an HTTP proxy connection for communication with
portswigger.net, you need to decide whether you also want to use the proxy for connecting to the email server. If you use an external email service provider, we recommend enabling the "Use to connect to the email server" setting. Note that this is only supported if you use an unauthenticated proxy.
- From the settings menu, select "Email".
- Click the switch to enable this feature. A list of server settings appears.
Enter your SMTP server hostname. For example, if you use Gmail, the hostname is
smtp.gmail.com. If you don't know what this is, you should be able to find it in the documentation of your email service provider.
- Enter the port that the server uses for sending emails. Port 587 is used by Gmail and many other SMTP servers. However, ports 25 and 465 are also commonly used.
- In the "From address" field, enter the email address from which you want Burp Suite Enterprise Edition to send emails to users. In theory, this can be any email address. However, to reduce the risk of issues, such as messages being blocked by spam filters, we recommend using an email address registered to your email service provider. In other words, if you use the Gmail SMTP server, use a Gmail email address as the "From address".
- If you use an internal email server, you might not use authentication. However, if you use an external email service, click the "Authenticated" switch and enter the username and password that you usually use to log in to the account.
- Select whether you want to use TLS when sending emails from Burp Suite Enterprise Edition. If you use an external email service, we recommend enabling this setting. If you will only send emails within your internal network, you might not need to use TLS.
- When you are happy with your settings, click the icon in the upper-right corner of the screen to confirm your changes.
- Finally, you need to verify that links in the auto-generated emails are able to successfully connect back to the Enterprise server. Click "Send" to send a test email to yourself (the email address of the Burp Suite Enterprise Edition administrator).
- Go to the email and click the "Check Email Link" button. If you are taken back to the email settings page in Burp Suite Enterprise Edition, you have finished integrating your email server. Otherwise, you need to check that you entered the correct web server URL on the "Network" settings page and try again.
Sending invites to newly created users
Once you have successfully integrated your email server, newly created users will automatically receive an invite by email when you finish creating their Burp Suite Enterprise Edition account.
Configuring email recipients for scan reports
Once you have successfully integrated your email server, you can specify a list of recipients who should automatically receive scan reports by email whenever a scan finishes for a particular site. The report contains a summary of the scan results. You maintain this list on a site-by-site basis.
When creating a new site, you can add recipients under "Email recipients for scan completion reports". To add recipients to an existing site, you can find this setting on the "Details" tab of a site.