Nagios XI Email Notifications for Microsoft 365 Outlook

Picture of Ayub Huruse
Ayub Huruse
IT Specialist
Icons of Microsoft Word, PowerPoint, Outlook, Excel, and others on a light blue background.

This step-by-step guide shows how to send Nagios XI notifications through Outlook using secure SMTP with TLS and a Microsoft 365 app password. You’ll set up MFA, generate an app password, configure SMTP in Nagios XI, verify with test messages, and troubleshoot common errors.

Prerequisites

  • Outlook mailbox that will appear in the From line (e.g., [email protected]).
  • MFA enabled on the sending account and tenant policy that allows app passwords.
  • Nagios XI admin access and outbound network access from the XI server to smtp.office365.com on port 587 (STARTTLS).
  • Accurate time/NTP and up-to-date CA certificates on the XI host to avoid TLS/certificate issues.

Step 1: Enable MFA and Generate a Microsoft 365 App Password

  1. Sign in to your Security info page for your work/school account and ensure two-step verification (MFA) is enabled.
  2. In Security info, select Add method → App password, then choose Generate app password. Name it “Nagios XI” or another memorable name if you have multiple app passwords.
  3. Copy the app password and store it securely for use in Nagios XI. Do not use your regular account password, and ensure no extra spaces are copied.
Screenshot of security info page
Generating App Password.

If App password isn’t available, your tenant likely blocks app passwords (Security Defaults or conditional access policy). Use Microsoft with OAuth2 in XI or an SMTP relay instead.

Step 2: Configure SMTP Settings in Nagios XI

  1. In XI, go to Admin → System Config → Email Settings.
  2. Set Send Mail From to a valid sender in your tenant, for example: Nagios Alerts <[email protected]>.
  3. Mail Method: SMTP.
  4. Configure SMTP Settings:
    • Host: smtp.office365.com
    • Port: 587
    • Security: TLS
    • Username: full mailbox UPN (e.g., [email protected])
    • Password: the app password from Step 1
  5. Click Update Settings.
Screenshot of outbound mail settings in Nagios XI
Configuring Email Settings.

If the test later fails with “client not authenticated” or 5.7.139, confirm Authenticated SMTP is enabled for the mailbox/tenant and that you are using STARTTLS on 587.

Step 3: Update User Email in Account Settings

  1. In XI, click the user icon → Account Settings.
  2. Update Email Address to the address that should receive notifications (e.g., [email protected] or another inbox).
  3. Enter your current XI password to confirm.
  4. Click Update Settings.
Screenshot of account information page in Nagios XI
Account Settings.

Step 4: Send a Test Email

1. Return to Admin → System Config → Email Settings.

2. Click Send A Test Email to verify the SMTP configuration.

Screenshot of test email settings screen in Nagios XI
Sending Test Email.

3. Check the destination inbox and Spam/Junk folder for the test message.

Screenshot of Nagios XI test email
Nagios XI Test Email.

Step 5: Test Notifications with a Real Alert

  1. Assign the Microsoft 365–backed contact to a test host or service in XI.
  2. Trigger an alert (e.g., force a soft problem state or use Send Custom Notification).
  3. Verify that the alert email arrives (check Spam/Junk inbox if needed).

Troubleshooting

SymptomLikely CauseSolution
5.7.139 Authentication unsuccessful or 5.7.57 Client not authenticatedSMTP AUTH disabled for the mailbox/org, or wrong credentials/TLS mode.Enable Authenticated SMTP for the mailbox; confirm port 587 + STARTTLS; re-enter the app password.
“App password” option missing in Security infoTenant blocks app passwords (Security Defaults or policy).Adjust policy (if allowed) or use Microsoft with OAuth2 in XI, or send via an SMTP relay.
Connection timeoutsFirewall egress blocked.Allow outbound TCP 587 to smtp.office365.com.
TLS handshake/cert errorsOut-of-date CA bundle or system time not synced.Update CA certificates; verify NTP; retry with TLS on 587.
Emails land in SpamFrom/Envelope-From misalignment, content issues.Use a sender in your tenant; configure SPF, DKIM, DMARC; write meaningful subjects/bodies (avoid bare links).
Works then stopsOrg deprecates Basic Auth/SMTP AUTH or tightens policy.Migrate to OAuth2 via Microsoft with OAuth2 in XI.

Conclusion

Microsoft 365 App Password + SMTP AUTH can deliver Nagios XI notifications securely over TLS on port 587 with smtp.office365.com, but it depends on tenant policies that allow app passwords and Authenticated SMTP. Because Microsoft is phasing out Basic Authentication for SMTP client submission, treat app passwords as a short‑term solution and plan to migrate to OAuth2 in XI for long‑term reliability and security.

For further support, visit the Nagios Support Forum or the Nagios Knowledgebase.

Share:
On this page
    Tags
    Related Articles
    Share: