check_smtp und SMTPS

Kevin Keane subscription at kkeane.com
Sat Mar 21 20:16:09 CET 2009

Previous message: check_smtp und SMTPS
Next message: check_smtp und SMTPS
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dirk H. Schulz wrote:
> Marc Powell schrieb:
>   
>> On Mar 20, 2009, at 9:57 AM, Dirk H. Schulz wrote:
>>
>>   
>>     
>>> Hi Folks,
>>>
>>> I am trying to check a mailserver using SSL:
>>>
>>> ./check_smtp -H my.server.tld -S -p 465
>>> CRITICAL - Socket timeout after 10 seconds
>>> ./check_tcp -H my.server.tld -p 465
>>> TCP OK - 0.002 second response time on port 465|time=0.001616s;;;
>>> 0.000000;10.000000
>>>
>>> SMTPS ist in productive use on that server, as you can see check_tcp
>>> can reach the port, but check_smtp claims not to reach the SMTPS
>>> service.
>>>     
>>>       
>> It seems to work as advertised. What do you see with verbose mode for  
>> check_smtp --
>>   
>>     
> check_smtp -H my.server.tld -S -p 465 -v
> HELOCMD: EHLO nagios.server.tld
> CRITICAL - Socket timeout after 10 seconds
>
> That is all. It looks like check_smtp sends a EHLO but does not get 
> anything back.
>
> Strange. I have to check with kerio support, I guess.
>
> Dirk
>   
You are using the wrong plugin. check_smtp does not understand 
SSL-protected SMTP. Use the check_ssmtp plugin instead; that is what I 
am using for this purpose.

The -S option turns on TLS (also known as starttls), not SSL. They are 
*almost* the same, with one critical difference: with TLS, the initial 
conversation (the EHLO and one or two more commands and responses) 
occurs in plain text, and THEN the client and the server negotiate 
encryption. That way, you can run encrypted and unencrypted traffic at 
the same time over the same port (25 or 587).

On port 465, the server turns on encryption first, and then expects the 
EHLO to already be encrypted.

-- 
Kevin Keane
Owner
The NetTech
Find the Uncommon: Expert Solutions for a Network You Never Have to Think About

Office: 866-642-7116
http://www.4nettech.com

This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof.

------------------------------------------------------------------------------
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: check_smtp und SMTPS
Next message: check_smtp und SMTPS
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list