Hi! This guide will take you through all the configuration necessary to setup JEMH for Jira Cloud (JEMHC). This will take 20 - 35 minutes depending on what you need.
JEMHC does not support Atlassian Cloud default Mailboxesat all. Atlassian does not support 3rd party usage and periodically rotates the credentials in any case.
In order to successfully complete this guide, you will need the following:
An active Jira Cloud instance that you have administration rights for
For inbound email processing:
A valid Jira project
An external (non-Atlassian) mail source, for example a POP or IMAP server visible by JEMHC - Setup JEMHC Inbound mail (typically through a cloud provider like O365, Gmail, but could be your own).
For outbound email notification:
An external (non-Atlassian) SMTP mail server.
Installing the app
First we will show how to install JEMHC on your Jira Cloud instance. Open the Apps drop-down menu from the top Jira navigation bar. Click Find new apps.
Jira will then show you an app search screen. Search for the term JEMH using the search field provided. In the search results you should see Enterprise Mail Handler for Jira (JEMH). Clicking the search result item will show you a Marketplace listing for the app.
Click the Try it free button to begin an evaluation of the app. Atlassian will then ask for confirmation.
After confirming, JEMH will then be installed.
Once installation is completed, click the Get started link. This will bring you to the JEMH Cloud startup wizard, which will assist you with creating a basic configuration.
Later, this wizard can be revisited via a link on the Welcome page. For the purposes of this guide, we will choose to configure both inbound and outbound aspects of JEMHC. You can choose what is best for your needs.
Setup inbound mail processing
You will likely need to whitelist the JEMHC application IP address for access to your mailservers:
JEMHC Public IP Address : 188.8.131.52
Be aware that this access is for our system, as such, it is technically possible for your mailserver to be contacted by other users of JEMHC - for this reason, we do not recommend/support pass-wordless mail servers!
Next we will configure JEMHC to process emails retrieved from an incoming mail server. Firstly, we will select our first project that emails should create issues in. Do not worry, later on you can add additional projects to the configuration - this is just for initial set up. You will also be asked for an issue type.
Next, we will set up our inbound mail server connection. Selecting Create new message source will allow you to specify your mail server connection details. Alternatively, if you are connecting to a Google or Microsoft email account via OAuth, you can use the respective sign in buttons. See Integrate with Gmail using OAuth and Integrate to Office365/EWS using OAuth for more information.
For the purposes of this guide, we will select Create new message source and connect to an example POP3 mail server. JEMHC provides some standard presets. You can choose Custom to pick your own specific hosts and ports, but its on you to ensure it is correct!
Name of the message source
Message source type
Presets which can be used to simplify the remaining configuration i.e. Host/Post
Message Server's hostname or IP Address
Message Server's port
Connection to be timed out based on the configured time (seconds). Leaving this configuration blank would result the timeout to be 30 second
Username to access the account
Password to access the account
Does the connection use SSL?
SSL Certificate Validation
SSL Certification Validation
Check Server Identity
RFC 2595 specifies additional checks that must be performed on the server's certificate to ensure that the server you connected to is the server you intended to connect to. This reduces the risk of 'man in the middle' attacks.
Read Unread and Mark As Read - Only the unread emails in the mailbox are to be processed and once read, they will be flagged as read (Default).
Read All and Delete - All the emails in the mailbox will be read and deleted after they are successfully processed.
You should be fully aware of the changes you make when switching between strategies as it can potentially impact your allowance.
For example: UserA has been using Read Unread and Mark As Read read strategy for past 5+ months and currently has over 2000 emails residing in the inbox. However, the user has now decided to switch the read strategy over to Read All and Delete and the consequence of this turned out that all the mails residing in the inbox folder were processed by JEMHC which resulted to exceeding the allowance.
Potential impact - POPMail Server configuration may override the instructions given by JEMHC.
For example: read strategy (in JEMHC) has been set to Read Unread and Mark As Read and the Mail Server (POP) has been configured to Delete Gmail's copy once it has been processed. The end result of this would be the processed mail will be deleted from the inbox as per configuration.
Once the server details have been entered, click the Test configuration button to validate the connection. If the connection is valid, you will receive feedback similar to the below:
If you are using Google Mail you may see the following message. If this happens, follow the link in the message and do as described.
Submit the connection settings once they have been successfully validated. Lastly, JEMH will ask you to enter the Inbound email address. Typically this would be the username used in the inbound mail server connection.
Now we will configure JEMHC to be able to send email notifications out to Jira users and also users without a Jira user account (we call them non-Jira users). The first thing to do is configure the outbound mail server connection.
Similarly to inbound mail server configuration, we have the choice of manually defining a connection, or using single-sign-on with Google or Microsoft if desired.
Use the Test configuration button and submit the configuration once it is validated.
Click next to move on to the next wizard section.
Setup Custom Fields
JEMHC needs to store email addresses in custom fields, so that these non-Jira users can be notified later. On this screen, we can select what custom field is used to store a non-Jira email sender's name and address. We can also choose what custom field is used to store non-Jira user email recipients.
If JEMHC warns that a field is not present on the projects issue screen (as above), click the link in the message. You will then be able to associate the field with the appropriate screen related to your project
Repeat this process until all 3 custom fields of your choice are showing the status "found" in the wizard.
Click next once this is done. Finally, JEMHC will present you with a brief summary of the changes that will occur. Clicking submit here will complete the wizard.
On the final screen, you are given some suggestions of what to do next. If you would like to be taken to the JEMH welcome screen at this point, click Go to configuration.
Reviewing outbound settings
Outbound mail configurations are found under Messaging > Message Outbound:
Until the mail server setting has been used, its status will be 'unknown'. To validate this, use the POLL action to send a test mail as before:
Outcome is that the SMTP server status is now Online (this would have happened anyway on first actual usage):
Issue Event Notifications
The configuration for controlling what Jira Projects will drive notifications is accessed through Notifications > Notification Mappings > Issue:
Testing outbound notifications
Recent outbound notifications can be reviewed through: Auditing > Outbound Messages, you can see the two ping messages already sent.
The Auditing > Events view shows the webhook events sent by Jira, and indicates whether they were handled or not. Commenting on the 'test' issue created earlier will be shown quite soon in the Events view:
Soon after that (about a minute) the notification will be sent, shown in the updated Outbound Messages view:
By default JEMHC will track all recent inbound and outbound notifications, retaining content of email in full in encrypted form within the database. At your option, you can opt-out of this retention, but diagnosing any formatting or processing issues will be much harder!
About the Workaround User
The Workaround User is required in order to lookup users, and to do some configuration time validation of some settings, such as validating a user is assignable in a project.
The credentials supplied in JEMHC > Workarounds > User Lookup must have the Jira Global Permission BROWSE_USER, inherited through a group membership.
The related user must also be in the Administrator role in the project, typically, this would mean a user in the administrators group.
The related user must also have Application Access in order to look up issues in the Lookup User Tester.
When everything is valid, setting a Username and a test Project, will result in confirmation:
About Atlassian ID
Users created within Jira Cloud must now be validated as real users, this means that a valid email address will need to be provided during user creation. To create a user for the workaround user for example, follow the steps below:
Within Jira User Management press "Create User"
On the screen that follows, enter a valid email address, username and full name. To avoid creating an email account for the setup of the workaround user, you can set the email address as an aliased address of your own email account. With an example email account of email@example.com you could use firstname.lastname@example.org where "workaround" is the username of the created workaround user. Using the +workaround address will create a unique address for the workaround user that will actually be an alias of your own email account. Emails sent to the +workaround user will arrive in your inbox.
Within the "Additional Options" sub-menu, make sure "Send invitation email" is ticked.
Press "Create User"
An email will now be sent to the email address defined in user creation, click the link in the email to activate the account and set a password for the user.
User account is now created and can be configured as the workaround user.