On Tue, Jun 18, 2013 at 11:35 AM, Stan Hoeppner <s...@hardwarefreak.com>wrote:
> On 6/18/2013 11:43 AM, Steve Jenkins wrote: > > > That STILL sounds less simple than those four lines, but you make an > > excellent point, Stan (as usual). I'll look into that in anticipation of > > the next issue that will surely come up. :) > > Well sure, quick hacks are always easy. Call me a purist, "no frills", > "efficiency freak", maybe "reliability freak", or just plain freak. ;) > A few of salient points: > You're the hardware freak, Stan. There's no shame in being freaky. :) > 1. The header alone may be a kilobyte, for a msg body of a few > dozen bytes--horrible overhead, a waste of resources. > > 2. An SNMP/syslog message will be one or two lines, a few dozen bytes > > 3. Comcast's SMTP relay may delay delivery due to any number of > causes. You don't control it. You can't look at nor flush its > queue. Do you need these alerts in real time? Guaranteed delivery? > > 4. SNMP/syslog is realtime. You control it. I will certainly look into a longer term VPN solution, since it will give me the most flexibility moving forward. I've already got one VPN set up here at the house, so I can authenticate on the local domain and grab files, control client devices in the house, etc. Setting up SNMP without the VPN will require a bit of kung fu to get through the Linksys router, epsecially for 6 different UPS units with 6 different UP addresses. Also, I'm not the only person who gets alerted when a Nagios-monitored resource goes critical. The other admins won't be too thrilled if they're woken up by the UPS in my home office announcing a power outage. :) But to get past some issues in your item #3, I actually re-configured it to authenticate and relay through one of my own personal Postfix boxes at the colo, instead of relying on Comcast's SMTP servers. I also figured out how to do it with Gmail's servers (unlike Comcast, Gmail and my Postfix box both require smtp_use_tls=yes). I settled on using my own. Son now I CAN look at and flush the queue (let's add "control" freak to your list of benevolent freakish qualities... cuz control in this case is a GOOD thing). Also, by relaying through one of my personal boxes, I can now DKIM-sign the alerts and make sure they pass SPF, without needing to add PTR records to my zone files. Yes, that adds to the size of the header, but at least I get something in return. SteveJ
