You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Josh Malone 2018-12-31 14:08:48 UTC
Description of problem:
The latest check_smtp plugin version fails to properly detect availability of STARTTLS on the server and reports a false error for the service. Proper TLS configuration of my servers has been verified by clients and testssl.sh
Version-Release number of selected component (if applicable):
220 corvus.cv.nrao.edu ESMTP Sendmail 8.14.4/8.14.4; Mon, 31 Dec 2018 08:31:44 -0500
WARNING - TLS not supported by server
sent QUIT
received 250-corvus.cv.nrao.edu Hello nagios.cv.nrao.edu [10.2.96.126], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP
Expected results:
[root@sysmon ~]# /usr/local/nagios/plugins/check_smtp -H 192.33.115.33 -S -D 30 -v
HELOCMD: EHLO sysmon
220 corvus.cv.nrao.edu ESMTP Sendmail 8.14.4/8.14.4; Mon, 31 Dec 2018 09:04:08 -0500
sent EHLO sysmon
250-corvus.cv.nrao.edu Hello nagios.cv.nrao.edu [10.2.96.126], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
SSL OK - Certificate '*.cv.nrao.edu' will expire on 2019-04-26 19:59 -0400/EDT. sent QUIT
received 221 2.0.0 corvus.cv.nrao.edu closing connection
[tag] [reply] [−] Private Comment 1 Klaus Tachtler 2019-01-01 16:50:04 UTC
Same issue with the nagios-plugins-smtp-2.2.1-15.20180725git3429dad.el7.x86_64
220 vml70110.idmz.tachtler.net ESMTP Postfix
WARNING - TLS not supported by server
sent QUIT
received 250-server110
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
/usr/lib64/nagios/plugins/check_smtp does NOT detect the EHLO answer 250-STARTTLS correctly.
The text was updated successfully, but these errors were encountered:
In that case, I don't think the issue pertains to this repo. If you have reproduced this by compiling from this repo, please let me know and I'll re-open the issue.
The following was opened in the Red Hat Bugzilla for nagios-plugins-2.2.1
https://bugzilla.redhat.com/show_bug.cgi?id=1662677
Josh Malone 2018-12-31 14:08:48 UTC
Description of problem:
The latest check_smtp plugin version fails to properly detect availability of STARTTLS on the server and reports a false error for the service. Proper TLS configuration of my servers has been verified by clients and testssl.sh
Version-Release number of selected component (if applicable):
nagios-plugins-smtp-2.2.1-15.20180725git3429dad.el7.x86_64
How reproducible:
Every time
Steps to Reproduce:
check_smtp -H 192.33.115.33 -S -D 30
Actual results:
[root@sysmon ~]# /usr/lib64/nagios/plugins/check_smtp -H 192.33.115.33 -S -D 30 -v
HELOCMD: EHLO sysmon
Sending header PROXY TCP4 0.0.0.0 0.0.0.0 25 25
220 corvus.cv.nrao.edu ESMTP Sendmail 8.14.4/8.14.4; Mon, 31 Dec 2018 08:31:44 -0500
WARNING - TLS not supported by server
sent QUIT
received 250-corvus.cv.nrao.edu Hello nagios.cv.nrao.edu [10.2.96.126], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP
Expected results:
[root@sysmon ~]# /usr/local/nagios/plugins/check_smtp -H 192.33.115.33 -S -D 30 -v
HELOCMD: EHLO sysmon
220 corvus.cv.nrao.edu ESMTP Sendmail 8.14.4/8.14.4; Mon, 31 Dec 2018 09:04:08 -0500
sent EHLO sysmon
250-corvus.cv.nrao.edu Hello nagios.cv.nrao.edu [10.2.96.126], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
SSL OK - Certificate '*.cv.nrao.edu' will expire on 2019-04-26 19:59 -0400/EDT. sent QUIT
received 221 2.0.0 corvus.cv.nrao.edu closing connection
Additional info:
Compiling check_smtp from the current nagios-plugins 2.2.1 from upstream vendor (https://www.nagios.org/downloads/nagios-plugins/) does not exhibit this issue.
[tag] [reply] [−] Private Comment 1 Klaus Tachtler 2019-01-01 16:50:04 UTC
Same issue with the nagios-plugins-smtp-2.2.1-15.20180725git3429dad.el7.x86_64
/usr/lib64/nagios/plugins/check_smtp -S -H 127.0.0.1 -p 25 -D 21 -v
HELOCMD: EHLO server110
Sending header PROXY TCP4 0.0.0.0 0.0.0.0 25 25
220 vml70110.idmz.tachtler.net ESMTP Postfix
WARNING - TLS not supported by server
sent QUIT
received 250-server110
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
/usr/lib64/nagios/plugins/check_smtp does NOT detect the EHLO answer 250-STARTTLS correctly.
The text was updated successfully, but these errors were encountered: