As I mentioned in my original post, my code was very bare-bones. While it supports authentication, it does not have any encryption features enabled.

You may also need to enable TLS/SSL and possibly STARTTLS in %Net.SMTP. It's also likely that you'll have to specify an alternate port; the default is 25.

Updated to support TLS/STARTTLS and alternate port:

Class User.Mail Extends %RegisteredObject
{

Property MailServer As %String [ InitialExpression = "hostname@domainname" ];
Property FromAddress As %String [ InitialExpression = "fromaddress@domainname" ];
Property EmailCreds As %String [ InitialExpression = "SMTPServer" ];
// May have to change value to 587 or 465 if STARTTLS required
Property SMTPPort As %Integer [ InitialExpression = 25 ];
// The TLS/SSL client configuration will need to be added in
// Management Console: System Administration | Security
Property SSLConfig As %String [ InitialExpression = "TLSClient"];
// Set to 0 if STARTTLS is not necessary
Property UseSTARTTLS As %Boolean [ IniitalExpression = 1 ];
Method Send(pToAddress As %String, pSubject As %String, pBody As %String = "") As %Status
{
    Set tEmail = ##class(%Net.SMTP).%New()
    Set tEmail.port = ..SMTPPort
    Set tEmail.SSLConfiguration = ..SSLConfig
    // STARTTLS: 1 for yes, 0 or omit the following line for no
    Set tEmail.UseSTARTTLS = ..UseSTARTTLS
    If pEmailCreds '= ""
    {
        #dim tCred As Ens.Config.Credentials
        Set tSC = ##class(Ens.Config.Credentials).GetCredentialsObj(.tCred,$CLASSNAME(),"Ens.Config.Credentials",..EmailCreds)
        Return:$$$ISERR(tSC) tSC
        Set tAuth = ##class(%Net.Authenticator).%New()
        Set tAuth.UserName = tCred.Username
        Set tAuth.Password = tCred.PasswordGet()
        Set tEmail.authenticator = tAuth
    }
    Set tEmail.smtpserver = ..MailServer
    Set tEmail.timezone="LOCAL"
    Set tMsg = ##class(%Net.MailMessage).%New()
    Set tMsg.From = ..FromAddress
    Do tMsg.To.Insert(pToAddress)
    Set tMsg.Subject = pSubject
    Set tMsg.Charset = "utf-8"
    Do tMsg.TextData.Write(pBody)
    Return tEmail.Send(tMsg)
}

}

Link to the %Net.SMTP documentation

If you're still having issues authenticating, you will need to reach out to your SMTP provider.

When you say "SMTP Key," are you referring to a User ID and Password? If yes, then create a Credentials entry in the production's namespace via the Management Console's Interoperability | Configure | Credentials menu item and supply the name of the credentials entry as the Credentials property in the User.Mail class.

If there's some other form of authentication required, I'm not sure what to tell you; %Net.SMTP supports only user id/password as far as I know.

The organization doesn't have an Exchange server or GSuite domain? Both can function as SMTP relays, and work with the InterSystems %Net.SMTP class.

Not with this code, no. I interpreted your original request literally, assuming that you wanted to send the email directly from within a custom service.

If you wish to have an Email operation in the production that handles the delivery of messages from routing rules, that's a bit more work to create, but in the end more versatile and easier to support.

If you don't care about having an operation, you could create a class that extends Ens.Rule.FunctionSet that wraps the original class in such a  way that you can send email from a rule:
 

Class User.Util.FunctionSet Extends Ens.Rule.FunctionSet
{
ClassMethod SendEmail(pToAddr As %String, pSubject As %String, pMessageBody As %String) As %Status
{
	Set tMail=##class(User.Mail).%New()
	Set tSC = tMail.Send(pToAddr, pSubject, pMessageBody)
}
}

You could then call it from a rule (the assign simply lets you call it and optionally do something with the returned status):

Do you actually want the logic to check for the specific fields in the service itself? A Business Process with a rule can do this, and would be a bit more "analyst friendly."

Here's a very bare-bones method to send email from within a custom Business Service:

Class User.Mail Extends %RegisteredObject
{

Property MailServer As %String [ InitialExpression = "hostname@domainname" ];

Property FromAddress As %String [ InitialExpression = "fromaddress@domainname" ];

Property EmailCreds As %String [ InitialExpression = "SMTPServer" ];

Method Send(pToAddress As %String, pSubject As %String, pBody As %String = "") As %Status
{
    Set tEmail = ##class(%Net.SMTP).%New()
    If pEmailCreds '= ""
    {
        #dim tCred As Ens.Config.Credentials
        Set tSC = ##class(Ens.Config.Credentials).GetCredentialsObj(.tCred,$CLASSNAME(),"Ens.Config.Credentials",..EmailCreds)
        Return:$$$ISERR(tSC) tSC
        Set tAuth = ##class(%Net.Authenticator).%New()
        Set tAuth.UserName = tCred.Username
        Set tAuth.Password = tCred.PasswordGet()
        Set tEmail.authenticator = tAuth
    }
    Set tEmail.smtpserver = ..MailServer
    Set tEmail.timezone="LOCAL"
    Set tMsg = ##class(%Net.MailMessage).%New()
    Set tMsg.From = ..FromAddress
    Do tMsg.To.Insert(pToAddress)
    Set tMsg.Subject = pSubject
    Set tMsg.Charset = "utf-8"
    Do tMsg.TextData.Write(pBody)
    Return tEmail.Send(tMsg)
}

}

You can set the properties in the class to represent default values for your organization. Otherwise, you would call it like so:

	Set tMail=##class(User.Mail).%New()
	Set tMail.MailServer = "smtpserver.mydomain.com"
	Set tMail.FromAddress = "healthshare@mydomain.com"
	Set tMail.EmailCreds = "SMTPServer"
	Set tSC = tMail.Send("user@mydomain.com","This Thing Happened","And Here's what it is")

You will need to obtain access to an SMTP relay host; HealthShare does not supply one. There will also be adjustments required for the class if encryption is required, and if you need to supply credentials for authentication to the SMTP server, you will need to create a Credentials entry in the Management Console and supply its name for the EmailCreds property.

Is there more to this than just disabling the web application? That simply causes the "Open" button in the Business Rules List or Business Process to display an authentication page, which does not allow one to log on. Until the new rules editor is sorted, it would be nice not  to require extra steps each time a rule needs editing.

EDIT: Oops ... disabled the wrong service (/api/interop-editors). Disabling the right service (/ui/interop/rule-editor) does the job.

@Eduard Lebedyuk is correct (yeah, he's always correct 😁), you can't use a variable for the target in a business rule.

You can do this in a custom BP (COS or Python) or a BPL-based BP, though. The BPL <call> action specifically supports a context variable as a destination:

The variable would be assigned the name of the BH to send to prior to invoking the call.

It's not clear from your post whether you're using any of the healthcare-related variants of the InterSystems suite.

If you're using HealthShare, Health Connect or IRIS for Health, support is included for receiving HL7 messages and storing them via multiple mechanisms. TCP/IP MLLP, HTTP, and file based services are all supported natively.

When configuring a Business Service to receive HL7 messages via TCP/IP MLLP, you would select the EnsLib.HL7.Service.TCPService class and configure the Message Schema Category to "2.5" or "2.5.1" depending on your specific HL7 version. You would also need to configure the port on which to receive the messages, the target Business Process or Operation to act on them, and possibly a few other settings.

Messages received through that service will then be inserted into the Interoperability message store, regardless of HL7 message type; message headers are created to provide tracking/status information and the messages are databased.

If your need is to index and retrieve those messages based on content (patient name, account number, gender, etc), there are additional steps to fetch the specific data elements needed from the messages themselves and populate associated fields in a database structure that addresses those needs. That's something you would need to design; you would populate it using interoperability production components tailored to your filtering requirements and database design.

Can you try the code I posted above, substituting appropriate paths/filenames in the calls to the LinkToFile() methods? Any file will do for the in stream, as long as file/directory permissions permit. This at least would tell us whether the issue is with the key file or the JWT you're attempting to encrypt.

I've tried this on I4H 2023.1 and Health Connect 2021.1.2 and the RSASHASign() method has not failed to generate a signature unless the key was passphrase-protected or not readable (due to file ownership/permissions) by the process opening it.

I just tried RSASHASign() myself and a signature was returned, using your call:
 

Set in=##class(%Stream.FileCharacter).%New()
Do in.LinkToFile("/home/jeff/sample.jwt")
Set token=in.Read()
Set key=##class(%Stream.FileCharacter).%New()
Do key.LinkToFile("/home/jeff/sample.pem")
Set secret=key.Read()
Set sig=##class(%SYSTEM.Encryption).RSASHASign(512,token,secret)

The return value will be the signature only, though, not a signed JWT. If you want the latter, see the ObjectToJWT() method in  %OAuth2.JWT - InterSystems IRIS for Health 2021.1.

The reason this 2-year-old thread floated to the top is because I found it researching an issue I had encountered with EnsLib.HTTP.GenericService.. I wanted to "pass through" a status code I had set as a property of a response message in a business process. While a solution was buried in the thread, the OP claimed it did not work in his case. I'm not sure why; I used a slight variation of that solution with success and simply felt the variation was worth sharing.