Check/monitor SMTP server for TLS and SSL connections

Written by Claudio Kuenzler - 0 comments

Published on October 22nd 2012 - Listed in Linux Nagios Internet Mail Monitoring

There are a couple of possibilities how to monitor SSL over SMTP and TLS over SMTP, I'll show two of them here.

With Nagios plugins

The Nagios plugins come with check_smtp for normal smtp connections and tls and check_ssmtp for ssl on smtp. check_ssmtp is using check_tcp in the background.

Check TLS over SMTP running on port 587 on remote server:

./check_smtp -H remote.example.com -p 587 -S
SMTP OK - 0.329 sec. response time|time=0.328936s;;;0.000000

Check SSL over SMTP running on port 465 on remote server:

./check_ssmtp -H remote.example.com -p 465 -S
SSMTP OK - 0.171 second response time on port 465 [220 remote.example.com Postfix ready]|time=0.171020s;;;0.000000;10.000000

With openssl command

Another very handy way is to use openssl as a command. I actually didn't know it was possible to use openssl as a connection "client" until I read this post today.

Check TLS over SMTP running on port 587 on remote server:

openssl s_client -connect remote.example.com:587 -starttls smtp

Check SSL over SMTP running on port 465 on remote server:

openssl s_client -connect remote.example.com:465

Both commands will return the actual TLS/SSL server certificates and you'll arrive at the "mail prompt" which then usually starts with "ehlo" or "helo". From here on you can check to send an e-mail or check for the mail return codes.

Add a comment

Comments (newest first)

No comments yet.