Dejal Home

Simon icon Simon
Flexible server monitoring

More tests wanted - POP/SSL, SMTP/SSL, NTP

Thu, 2007-11-15 15:23 — rex

I'd like to have tests for the following protocols:

POP/SSL - POP email retrieval over SSL encrypted link, typically on port 995/TCP

SMTP/SSL - SMTP email sending over SSL encrypted, typically on port 465/TCP

NTP - Network Time Protocol, port 123/UDP

-- Rex

‹ E-mail notifier SSH test - better version ›
Thu, 2007-11-15 16:52 — David Sinclair
David Sinclair's picture

Re: More tests wanted - POP/SSL, SMTP/SSL, NTP

You can add them easily via the Port service (or Script, if you prefer). If you do, please let me know what you end up with, and I'll add them as default services.

Thu, 2007-11-15 18:58 — rex
rex's picture

Re: More tests wanted - POP/SSL, SMTP/SSL, NTP

I would like to add these myself, but don't see any options in Simon for using UDP instead of TCP (for NTP), or for opening an SSL connection. Any hints?

-- Rex

Thu, 2007-11-15 20:35 — David Sinclair
David Sinclair's picture

Re: More tests wanted - POP/SSL, SMTP/SSL, NTP

I'm not aware of a way to connect via UDP instead of TCP using telnet-like operations. I have heard of a tool called netcat, but it doesn't seem to be installed in Mac OS X by default. If you installed it, you could write a Script-based service to call it.

If you or anyone else is aware of any alternative solutions, I'd be keen to hear of them.

Mon, 2007-11-19 14:54 — rex
rex's picture

NTP test

Here's an NTP test that works using /bin/bash:

echo -n '[   !!!!0000NONE111111112222222233333333Success!' | \
  nc -w 1 -u {Server name} 123 | \
  grep 'Success!'

Note that there are three "blank" characters between the left bracket and the first ! in the echo line.

This test creates an barely-legal NTP packet, sends the packet to the server using "nc" with a 1 second timeout, then looks for part of that packet to be echoed back (part of the NTP protocol).

Result 0 is success, anything else is failure.

Here's my description:

Tests that an NTP server is responding using a custom shell script.
Does NOT test if the response makes any sense.

I created a Custom Variable of "Server name" with default of "time.apple.com".

netcat is the full name, but "nc" is the Unix command name. "man nc" for details. nc seems to be installed by default on Leopard.

Mon, 2007-11-19 15:15 — rex
rex's picture

Re: NTP test

Forgot the reference to the NTP protocol, see:

http://www.faqs.org/ftp/rfc/rfc1305.pdf Appendix A

Mon, 2007-11-19 15:59 — rex
rex's picture

POP3/SSL test

Here's a POP3/SSL test that works using /bin/bash

openssl s_client -connect {Server name}:{Server port} < /dev/null | grep '^+OK '

Here's my description:

Tests that a POP3/SSL server is responding using a custom shell script.
Allow at least 90 seconds for test to fail or succeed.

Result 0 is success, anything else is failure.

The default for Custom Variable "Server port" should be 995. No default for Custom Variable "Server name".

The POP3 protocol is here: http://www.ietf.org/rfc/rfc1939.txt

See "man openssl" for more information on that command.

-- Rex

Mon, 2007-11-19 16:04 — rex
rex's picture

SMTP/SSL test

Here's an SMTP/SSL test that works using /bin/bash:

openssl s_client -connect {Server name}:{Server port} < /dev/null | grep '^220 '

Here's my description:

Tests that an SMTP/SSL server is responding using a custom shell script.
Allow at least 90 seconds for test to fail/complete.

Result 0 is success, anything else is failure.

The default for Custom Variable "Server port" is 465, which is considered obsolete, but used by Lotus Notes. SSL encrypted SMTP (and POP3) is supposed to use the standard ports (25 and 110 respectively), then run the STARTTLS protocol. The Custom Variable "Server name" has no default.

The basic SMTP protocol is here: http://www.ietf.org/rfc/rfc1939.txt

-- Rex

Mon, 2007-11-19 17:40 — David Sinclair
David Sinclair's picture

Thank you

Thank you for those. I've added them to the Simon Extras page.