Page 1 of 2
How to configure Nagios to send emails over TLS
Posted: Mon Oct 12, 2020 9:42 am
by mccrakem
Hi
Is there any documentation on how to configure Nagios to connect to our Postfix Servers and send emails over a TLS connection At present I get the following message
Mailer said (date Time} SMTP connect () failed.
https://giyhub.com/PHPMailer/wikiTroubleshooting (method=smtp;host=POSTFIXSERVER01;port=587;security=tls), Referer:admin/testmail.php
An error occured sending a test email
Thanks
Re: How to configure Nagios to send emails over TLS
Posted: Mon Oct 12, 2020 1:13 pm
by jdunitz
Re: How to configure Nagios to send emails over TLS
Posted: Tue Oct 13, 2020 3:45 am
by mccrakem
Hi Jeffrey
Thanks I did see tat Doc alright but I was looking more information on the UserId that is required
I take it that's a local account on the Postfix Server itself but is there any special level of access that it needs or is it just a standard userid
Thanks
Re: How to configure Nagios to send emails over TLS
Posted: Tue Oct 13, 2020 5:49 am
by mccrakem
Hi Jeffrey
I enabled the PHPMailer - Troubleshooting Using Debug Logging
and this is the output, if this helps any, on the Postfix Servers we are using Selfsigned Certs
020-10-13 10:31:31 CLIENT -> SERVER: STARTTLS
2020-10-13 10:31:31 SMTP -> get_lines(): $data is ""
2020-10-13 10:31:31 SMTP -> get_lines(): $str is "220 2.0.0 Ready to start TLS"
2020-10-13 10:31:31 SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
2020-10-13 10:31:31 Connection failed. Error #2: stream_socket_enable_crypto(): SSL: Connection reset by peer [/usr/local/nagiosxi/html/includes/phpmailer/class.smtp.php line 375]
SMTP Error: Could not connect to SMTP host.
2020-10-13 10:31:31 CLIENT -> SERVER: QUIT
2020-10-13 10:31:31 Connection failed. Error #8: fwrite(): send of 6 bytes failed with errno=32 Broken pipe [/usr/local/nagiosxi/html/includes/phpmailer/class.smtp.php line 999]
2020-10-13 10:31:31 SERVER -> CLIENT:
2020-10-13 10:31:31 SMTP ERROR: QUIT command failed:
2020-10-13 10:31:31 Connection: closed
SMTP connect() failed.
https://github.com/PHPMailer/PHPMailer/ ... leshooting
Re: How to configure Nagios to send emails over TLS
Posted: Tue Oct 13, 2020 10:08 am
by mccrakem
Hi Jeffrey
Now when I put the email back to Port 25 and Security none I am still getting the same message
2020-10-13 15:08:06 SMTP -> get_lines(): $str is "250 DSN"
2020-10-13 15:08:06 SERVER -> CLIENT: 250-wylbproductmail.pa-dev.knxa250-PIPELINING250-SIZE 20480000250-VRFY250-ETRN250-STARTTLS250-ENHANCEDSTATUSCODES250-8BITMIME250 DSN
2020-10-13 15:08:06 CLIENT -> SERVER: STARTTLS
2020-10-13 15:08:06 SMTP -> get_lines(): $data is ""
2020-10-13 15:08:06 SMTP -> get_lines(): $str is "220 2.0.0 Ready to start TLS"
2020-10-13 15:08:06 SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
2020-10-13 15:08:06 Connection failed. Error #2: stream_socket_enable_crypto(): SSL: Connection reset by peer [/usr/local/nagiosxi/html/includes/phpmailer/class.smtp.php line 375]
SMTP Error: Could not connect to SMTP host.
2020-10-13 15:08:06 CLIENT -> SERVER: QUIT
2020-10-13 15:08:06 Connection failed. Error #8: fwrite(): send of 6 bytes failed with errno=32 Broken pipe [/usr/local/nagiosxi/html/includes/phpmailer/class.smtp.php line 999]
2020-10-13 15:08:06 SERVER -> CLIENT:
2020-10-13 15:08:06 SMTP ERROR: QUIT command failed:
2020-10-13 15:08:06 Connection: closed
SMTP connect() failed.
https://github.com/PHPMailer/PHPMailer/ ... leshooting
Thanks
Re: How to configure Nagios to send emails over TLS
Posted: Tue Oct 13, 2020 4:19 pm
by ssax
What PHP version are you running?
For TLS 1.2 you need to be on at least PHP 5.6:
https://support.nagios.com/kb/article/n ... 7-860.html
What do you have set for
public $SMTPAutoTLS in your
/usr/local/nagiosxi/html/includes/phpmailer/class.phpmailer.php file around line
260?
What is the output of this command?
Code: Select all
openssl s_client -starttls smtp -connect YOURMAILSERVER:587
Re: How to configure Nagios to send emails over TLS
Posted: Wed Oct 14, 2020 2:43 am
by mccrakem
Hi Sean
I have attached a Text file with the output from the commands you have asked me to run
PHP Version is 5.4.16
I get different responces when checking the the openssl command against the Postfix Servers and the VIP that they are a member of
Thanks
Re: How to configure Nagios to send emails over TLS
Posted: Wed Oct 14, 2020 5:17 am
by mccrakem
Sorry Sean
tried to be proactive and upgrade php to 7.4
[root@dwylbopngios02 ~]# php -v
PHP 7.4.11 (cli) (built: Sep 29 2020 10:17:06) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
You have mail in /var/spool/mail/root
But now the only things showing Green in Nagios Admin is
Monitoring Engine
Performance Grapher
All the others are showing as Red
Re: How to configure Nagios to send emails over TLS
Posted: Wed Oct 14, 2020 3:01 pm
by ssax
Was this a copy/paste error? You list this in your output (misspelled false):
But it should be this:
Try editing your /etc/openldap/ldap.conf and add this:
Then restart httpd:
Then test again.
Please send me a copy of your profile, you can download it from Admin > System Profile by clicking the Download Profile button.
If you're unable to generate the the profile through the web interface, please try generating it from the command line by running these commands as root:
Code: Select all
rm -rf /usr/local/nagiosxi/var/components/profile*
/usr/local/nagiosxi/scripts/components/getprofile.sh SUPPORT
Then send me the resulting
/usr/local/nagiosxi/var/components/profile.zip file.
If the profile script fails, please include the ENTIRE output.
Re: How to configure Nagios to send emails over TLS
Posted: Wed Oct 14, 2020 3:15 pm
by mccrakem
Hi Sean
yes that was a typo on my side,
This is set correctly now
260 public $SMTPAutoTLS = false;
This setting was already present in the /etc/openldap/ldap.conf file
TLS_REQCERT allow
When I tried to Download the Profile all I got was this message
PROFILE BUILD FAILED
Array
(
)
CODE: 1
Find attached the Profile and a Screenshot of our Admin Page
Thanks