I'm trying to configure the SMTP server within Device -> Configuration -> SMTP but apparently it wants to communicate via TLSv1 which is an issue as the mail relay server that I have to use only allows TLSv1.2, obviously. Is there any variables that can be changed to make this connection want to use TLSv1.2 rather than TLSv1?
Thanks in advance on any guidance!
From what I read the F5 uses Linux SSMTP email client to generate emails and it is very limited. You can check for Linix SSMTP options to specify TLS1.2 but I couldn't find them for 20 minutes so you may need to look for hours if it is possible https://support.f5.com/csp/article/K13180 .
Better configure your syslog or SIEM server that the F5 sends the logs to do the email generation.
So I'm trying to use APM to generate an email that provides a OTP to a user based on their email address found via AD Query. I may just have to pose the question to support to see if there is a db variable that controls that.
SSMTP (i.e. mailhub) seems to act differently than the GUI version which is odd.
That seems bad 😞
If they say it is not a bug but a feature that in the future tey will add I sugest trying with the SIEM or syslog server. You may generate a custom log in /var/log/apm with the Access policy logging agent and then when the log is send to the SIEM/syslog server they will generate email:
F5 HSL logging to SIEM or syslog:
You also use SNMP station/server with F5 traps but it is harder:
Maybe looking at iRulesLX could help you solve your issue. There are a couple of code snippets available here on devcentral for sending OTP via sendgrid. Take a look here:
I think it is not a 100% ready-made solution for your issue, but a starting point.
Ssmtp is... limited in terms of security.