Our supplier for transactional e-mails and SMTP services in the Episerver Digital Experience Platform are making some changes around authentication methods to strengthen security. This change will take effect on January 20th, 2021 and includes discontinuation of basic authentication and enforcing the use of API keys instead.
What does this mean for you?
If you are using the transactional e-mail services provided with the Episerver Digital Experience Platform, you need to make some modifications to the SMTP configuration. The process for modifying the configuration and for obtaining the API keys as self-service through the DXP Management Portal can be found in this blog post on World: https://world.episerver.com/blogs/elias-lundmark/dates/2020/12/smtp-authentication-changes-in-dxp2/
What happens if we don´t do anything prior the discontinuation of basic authentication?
Don´t worry, we will be applying this transformation for all preproduction and production environments that do not authenticate with an API key before the new authentication method is enforced to ensure that transactional e-mails keep working as expected. This only concerns environments with existing SMTP authentication supplied by DXP, and no downtime is expected with this change.
Please note that future deployments will be blocked if we notice SMTP sections using the old way of authenticating after we have made the configuration transform. At that point, the deployment process will throw an error message and guide you through the process of changing the configuration in the deployment package.
If you have any questions or concerns, please reach out to us at email@example.com