Complete these steps to set up your SAS installation to use the Secure SMTP Server.

Set Up Communication with the Secure SMTP Server

Secure Sockets Layer (SSL) / Transport Layer Security (TLS) protocol provides a way to encrypt a communication channel between two computers. TLS protocol enables you to take an existing insecure connection and upgrade it to a secure connection using SSL/TLS by issuing the following:

the STARTTLS command for explicit TLS connection
the SSL command for using implicit TLS connection

To issue the STARTTLS or SSL command, include it in the EMAILHOST= SAS option. There are two methods to set the SAS EMAIL options.

Assign the SAS EMAIL options within the CONFIG file (such as sasv9.cfg) used by your SAS session:

-emailhost (“smtp.gmail.com” STARTTLS);

Add EMAILHOST= in an OPTIONS statement in the SAS code:

OPTIONS EMAILHOST=("smtp.gmail.com" STARTTLS);

Additional Information

If the initial setup steps are not successful, here are additional steps to review. You need to set the SAS EMAIL options according to your Secure SMTP server's requirements.

TCP Port

In addition to using the STARTTLS or SSL command, the SMTP server might need to use a different TCP port from the default, which is Port 25. Typically, Port 587 is used for Explicit TLS (STARTTLS command), and Port 465 is used for implicit TLS (SSL command).

SMTP Server Requirements

Your SMTP server might require the connecting user to be authenticated and/or logged in to the SMTP server.

You can use the following SAS options for authentication and logging into the SMTP server:

EMAILID=
EMAILPW=
EMAILAUTHPROTOCOL=LOGIN

These SAS EMAIL options can also be set within the EMAILHOST= option. For example, you can set the following:

-emailhost (“smtp.gmail.com” STARTTLS id=gmail-login-ID pw=gmail-password auth=LOGIN port=587);

id= (EMAILID)
pw= (EMAILPW)
port= (EMAILPORT)
auth= (EMAILAUTHPROTOCOL)

Testing New Values for the SAS EMAIL Options

It is a best practice to test any new values for the SAS options in an OPTIONS statement in your existing code.

OPTIONS EMAILHOST=(“smtp.gmail.com” STARTTLS id=gmail-login-ID pw=gmail-password auth=LOGIN port=587);
<existing SAS FILENAME EMAIL code>

Current SAS EMAIL Option Settings

To verify your current SAS EMAIL options settings and where they are set, execute the following SAS code in each SAS environment:

PROC OPTIONS GROUP=EMAIL VALUE; RUN;

These options are listed in SAS System Options That Control SMTP E-Mail.

To see the CONFIG files used for each type of SAS session, do the following.

On UNIX and Microsoft Windows hosts, execute the following SAS code:

PROC OPTIONS OPTION=CONFIG; RUN;

On z/OS hosts, see the file allocation for the CONFIG ddname.

For UNIX hosts, place customized options in the ./SASFoundation/9.4/sasv9_local.cfg file.

For z/OS hosts, place customized options in the <sasprefix>.CONFIG(SITE) member.

TLS Communication Between SAS and the SMTP Server

To ensure communication between SAS and the SMTP server, you need to add the TLS/SSL CA Root certificate (and any CA Intermediate Root certificates) for the Secure SMTP server to the SAS session by using SAS Deployment Manager (SDW). For details, see Configure TLS, FIPS, and Certificates.

Debugging Errors Using FILENAME EMAIL Access Method

For information, see SAS KB0040550, "Debugging errors with FILENAME Statement: EMAIL (SMTP) Access Methods and SMTP servers."