Re: Monitoring SMTPD
Many thanks to all your suggestions. Antonino Sidoti > On 30 Apr 2021, at 2:53 am, Stuart D Gathman wrote: > > On Thu, 29 Apr 2021, Lukas Tribus wrote: > >> So I send emails through a critical SMTP infrastructure to a >> healthchecks.io endpoint, which triggers an alert in the *absence* of >> the email. > > That's a great idea. > >
Re: Monitoring SMTPD
On Thu, 29 Apr 2021, Lukas Tribus wrote: So I send emails through a critical SMTP infrastructure to a healthchecks.io endpoint, which triggers an alert in the *absence* of the email. That's a great idea.
Re: Monitoring SMTPD
Hello, On Thu, 29 Apr 2021 at 03:22, Antonino Sidoti wrote: > > Hello, > > I was wondering what options are available to monitor OpenBSD SMTPD? Can SNMP > be utilise? I like to test the actual service, not just some counters, TCP ports, or static SMTP responses. So I send emails through a critical SMTP infrastructure to a healthchecks.io endpoint, which triggers an alert in the *absence* of the email. Note that you don't necessarily need to use a cloud service, healthchecks.io is OSS: https://github.com/healthchecks/healthchecks Lukas
Re: Monitoring SMTPD
Hello! > On 29. Apr 2021, at 03:22, Antonino Sidoti wrote: > > Hello, > > I was wondering what options are available to monitor OpenBSD SMTPD? Can SNMP > be utilise? My monitoring system is PRTG and I am using that for most of my > systems. Can someone share their way of monitoring please? I run two OpenSMTP > mail servers and would very much like to get some insight as to how they are > performing day to day. > > Thanks > > Antonino Sidoti I use Zabbix with a "UserParameter"-bin to call "smtpctl show stats". regards, --markus smime.p7s Description: S/MIME cryptographic signature
Re: Monitoring SMTPD
On Thu, 29 Apr 2021, Antonino Sidoti wrote: I was wondering what options are available to monitor OpenBSD SMTPD? Can SNMP be utilise? My monitoring system is PRTG and I am using that for most of my systems. Can someone share their way of monitoring please? I run two OpenSMTP mail servers and would very much like to get some insight as to how they are performing day to day. I use nagios. Basic monitoring just connects to port 25 and verifies that there is a response. Most of my servers use sendmail (I use opensmtpd for vms and peer to peer), and the milter API allows me to implement "Magic HELO", to trigger GC of python milters, and report on various stats. (Note that "GC" is not a legal helo name, and thus there is an opening for command extension.) I wonder if something similar to magic HELO is possible with opensmtpd, maybe through filters?
Re: Monitoring SMTPD
On Thu, 2021-04-29 at 07:30 +0200, Martijn van Duren wrote: > On Thu, 2021-04-29 at 11:22 +1000, Antonino Sidoti wrote: > > Hello, > > > > I was wondering what options are available to monitor OpenBSD SMTPD? Can > > SNMP be utilise? My monitoring system is PRTG and I am using that for most > > of my systems. Can someone share their way of > > monitoring please? I run two OpenSMTP mail servers and would very much like > > to get some insight as to how they are performing day to day. > > > > Thanks > > > > Antonino Sidoti > > I've build the following diff some time ago. But isn't going in as is, > because the other devs want something like the filter interface for this > feature, which is understandable. But that needs to be thought out fully > and then also implemented, which might take some time. I'm currently > focussing on other parts of the snmp stack before I want to venture into > smtp processes again. > > Anyway, the diff adds basic agentx support around the NETWORK-SERVICE- > MIB (RFC2788) and the MTA-MIB (RFC2789). Feel free to use it, test it, > and to report bugs. It will probably help keep things in shape, or maybe > even improve its shape, until we finally have that external process. > Keep in mind that this lacks the proper peer review expected from most > OpenBSD base code. > > Usage: > Let net-snmpd (snmpd(8) currently has no agentx support) create an > agentx socket: > master agentx > smtpd connects via the parent process, which is root, so no need for > custom agentXPerms. Forgot to mention: start up net-snmpd with "-I-mta_sendmail", because you get some garbage values from net-snmpd trying to interpret some nonexisting sendmail (at least, that's my interpretation of the output, haven't delved in too deep) > Then you just add the following keyword to smtpd.conf > agentx > And you can walk the data: > martijn$ snmp walk 127.0.0.1 mib_2.27 > mib_2.27.1.1.2.1 = STRING: OpenSMTPd > mib_2.27.1.1.3.1 = STRING: > mib_2.27.1.1.4.1 = STRING: 6.9.0 > mib_2.27.1.1.5.1 = Timeticks: (2100) 0:00:21.00 > mib_2.27.1.1.6.1 = INTEGER: 1 > mib_2.27.1.1.7.1 = Timeticks: (0) 0:00:00.00 > mib_2.27.1.1.16.1 = STRING: OpenSMTPD is a FREE implementation of the > server-side SMTP protocol as defined by RFC 5321, with some additional > standard extensions. It allows ordinary machines to > exchange emails with other systems speaking the SMTP protocol. > mib_2.27.1.1.17.1 = STRING: > martijn$ snmp walk 127.0.0.1 mib_2.28 > mib_2.28.1.1.1.1 = Counter32: 0 > mib_2.28.1.1.2.1 = Counter32: 0 > mib_2.28.1.1.3.1 = Counter32: 0 > mib_2.28.1.1.12.1 = Counter32: 0 > > You can set custom (agentx-master-)path and context as well. > > If you have other applications running that uses the NETWORK-SERVICES > MIB and you want predictable indices from the applIndex you can set it > via the applIndex keyword. Keep in mind that your other applications > need to play nice with the indexAllocate system in any case. > > If you're running on !OpenBSD let me know, I have some diffs to make > libagentx work on at least Ubuntu and maybe others. > > martijn@ > > Index: agentx_control.c > === > RCS file: agentx_control.c > diff -N agentx_control.c > --- /dev/null 1 Jan 1970 00:00:00 - > +++ agentx_control.c29 Apr 2021 05:22:14 - > @@ -0,0 +1,279 @@ > +/* $OpenBSD$ */ > + > +/* > + * Copyright (c) 2020 Martijn van Duren > + * > + * Permission to use, copy, modify, and distribute this software for any > + * purpose with or without fee is hereby granted, provided that the above > + * copyright notice and this permission notice appear in all copies. > + * > + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES > + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF > + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR > + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES > + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN > + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF > + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. > + */ > + > +#include > +#include > +#include > +#include > + > +#include > +#include > +#include > +#include > +#include > +#include > + > +#include "log.h" > +#include "smtpd.h" > + > +static void agentx_control_nofd(struct agentx *, void *, int); > +static void agentx_control_tryconnect(int, short, void *); > +static void agentx_control_read(int, short, void *); > +static void agentx_control_emptystring(struct agentx_varbind *); > +static void agentx_control_applName(struct agentx_varbind *); > +static void agentx_control_applVersion(struct agentx_varbind *); > +static void agentx_control_applUptime(struct agentx_varbind *); > +static void agentx_control_applOperStatus(struct agentx_varbind *); > +static void agentx_control_applLastChange(struct agentx_varbind
Re: Monitoring SMTPD
On Thu, 2021-04-29 at 11:22 +1000, Antonino Sidoti wrote: > Hello, > > I was wondering what options are available to monitor OpenBSD SMTPD? Can SNMP > be utilise? My monitoring system is PRTG and I am using that for most of my > systems. Can someone share their way of > monitoring please? I run two OpenSMTP mail servers and would very much like > to get some insight as to how they are performing day to day. > > Thanks > > Antonino Sidoti I've build the following diff some time ago. But isn't going in as is, because the other devs want something like the filter interface for this feature, which is understandable. But that needs to be thought out fully and then also implemented, which might take some time. I'm currently focussing on other parts of the snmp stack before I want to venture into smtp processes again. Anyway, the diff adds basic agentx support around the NETWORK-SERVICE- MIB (RFC2788) and the MTA-MIB (RFC2789). Feel free to use it, test it, and to report bugs. It will probably help keep things in shape, or maybe even improve its shape, until we finally have that external process. Keep in mind that this lacks the proper peer review expected from most OpenBSD base code. Usage: Let net-snmpd (snmpd(8) currently has no agentx support) create an agentx socket: master agentx smtpd connects via the parent process, which is root, so no need for custom agentXPerms. Then you just add the following keyword to smtpd.conf agentx And you can walk the data: martijn$ snmp walk 127.0.0.1 mib_2.27 mib_2.27.1.1.2.1 = STRING: OpenSMTPd mib_2.27.1.1.3.1 = STRING: mib_2.27.1.1.4.1 = STRING: 6.9.0 mib_2.27.1.1.5.1 = Timeticks: (2100) 0:00:21.00 mib_2.27.1.1.6.1 = INTEGER: 1 mib_2.27.1.1.7.1 = Timeticks: (0) 0:00:00.00 mib_2.27.1.1.16.1 = STRING: OpenSMTPD is a FREE implementation of the server-side SMTP protocol as defined by RFC 5321, with some additional standard extensions. It allows ordinary machines to exchange emails with other systems speaking the SMTP protocol. mib_2.27.1.1.17.1 = STRING: martijn$ snmp walk 127.0.0.1 mib_2.28 mib_2.28.1.1.1.1 = Counter32: 0 mib_2.28.1.1.2.1 = Counter32: 0 mib_2.28.1.1.3.1 = Counter32: 0 mib_2.28.1.1.12.1 = Counter32: 0 You can set custom (agentx-master-)path and context as well. If you have other applications running that uses the NETWORK-SERVICES MIB and you want predictable indices from the applIndex you can set it via the applIndex keyword. Keep in mind that your other applications need to play nice with the indexAllocate system in any case. If you're running on !OpenBSD let me know, I have some diffs to make libagentx work on at least Ubuntu and maybe others. martijn@ Index: agentx_control.c === RCS file: agentx_control.c diff -N agentx_control.c --- /dev/null 1 Jan 1970 00:00:00 - +++ agentx_control.c29 Apr 2021 05:22:14 - @@ -0,0 +1,279 @@ +/* $OpenBSD$ */ + +/* + * Copyright (c) 2020 Martijn van Duren + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include "log.h" +#include "smtpd.h" + +static void agentx_control_nofd(struct agentx *, void *, int); +static void agentx_control_tryconnect(int, short, void *); +static void agentx_control_read(int, short, void *); +static void agentx_control_emptystring(struct agentx_varbind *); +static void agentx_control_applName(struct agentx_varbind *); +static void agentx_control_applVersion(struct agentx_varbind *); +static void agentx_control_applUptime(struct agentx_varbind *); +static void agentx_control_applOperStatus(struct agentx_varbind *); +static void agentx_control_applLastChange(struct agentx_varbind *); +static void agentx_control_applDescription(struct agentx_varbind *); +static void agentx_control_applURL(struct agentx_varbind *); +static void agentx_control_mtaReceivedMessages(struct agentx_varbind *); +static void agentx_control_mtaStoredMessages(struct agentx_varbind *); +static void agentx_control_mtaTransmittedMessages(struct agentx_varbind *); +static void agentx_control_mtaLoopsDetected(struct agentx_varbind *); + +static struct agentx *sa; +static struct agentx_session *sas; +static struct agentx_context
Monitoring SMTPD
Hello, I was wondering what options are available to monitor OpenBSD SMTPD? Can SNMP be utilise? My monitoring system is PRTG and I am using that for most of my systems. Can someone share their way of monitoring please? I run two OpenSMTP mail servers and would very much like to get some insight as to how they are performing day to day. Thanks Antonino Sidoti
