Are you getting an "sslcert" column? It gets generated automatically for https and similar protocols, but I don't know it that's generated for smtps. If it is, you can alert on that column. You can set WARN and PANIC number of days in the hosts.cfg entry.
Ralph Mitchell
On Wed, Jun 16, 2021 at 1:29 AM Lists <lists at benjamindsmith.com> wrote:
On Tuesday, June 15, 2021 7:46:56 PM PDT Jeremy Laidman wrote:
Benjamin
Firstly, you'll see 220 at the very start, and then 250 after sending EHLO or HELO. So you were correct the first time, with "expect 220".
Thanks Jeremy, I put this back
Secondly, the mail server uses STARTTLS, so it's not doing encryption at the point that the EHLO and QUIT strings are sent. The "ssl" option in protocols.cfg assumes SSL/TLS is present during the handshake, immediately after the TCP connection is established, rather than after issuing the "send" string. Try removing the "ssl" option from protocols.cfg and see if that helps.
And when I do this, it "tests green" but apparently no longer is testing the SSL certificate.
Is there a way to have xymon test the validity and currency of the SSL certificate too? Especially with LetsEncrypt certificates, I'd like to have warning if there is a problem with the postfix certificate config.
Thanks,
Ben _______________________________________________ Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon