Missing shutdown/reboot notifications via email
-
I'm getting notification e-mails from mine here as I reboot them and upgrade.
I made some changes recently to the notification timing and how that all works but those changes have been in place for over a month now.
-
@jimp I performed some some testing this morning. Notifications of reboot and startup completion are being delivered via Pushover; but they are not being delivered via SMTP Submission Port (587) when 587 requires START-TLS. The checking "the Enable SMTP over SSL/TLS" option only works in conjunction with port 465.
-
@jimp Even with "Enable SMTP over SSL/TLS" and port 465, when the system reboots there is no e-mail notification sent.
This is with version: Netgate pfSense Plus 23.09-DEVELOPMENT amd64 20230926-0600
and an SMTP server that must have an active WAN gateway to reach. The SMTP logs show no connection attempt. The SMTP test notification e-mail is delivered successfully.
The Pushover notification is delivered so at the very least that notification is being sent before the WAN gateway is torn down and after it is back up. Is it possible that the SMTP notifications are being sent after the WAN gateway is torn down and before its back up?
An unrelated question. Besides shutdown and restart notifications and certificate expiration notifications, what other notifications are there? I would like to receive notifications when the gateway drops and is restored. Perhaps when logins succeed.
-
How odd - It worked just fine earlier this week on lower dev loads but today I've had my router up and down with no emails to show for it. However, if I trigger the GUI 'Test SMPT Settings' button it works each and every time.
21 Sep:
Notifications in this message: 1 ================================ 18:51:47 System is going to be upgraded. Rebooting in 10 seconds.
Today, I can only get this:
This is a test message from Netgate pfSense Plus. It is safe to ignore this message.
I'll also monitor this.
๏ธ
-
Just tried 3 reboots, this time from the GUI. Zero emails received. Looks like a small bug has crept-in.
๏ธ
-
I think I see what's happened. We've been working on the way the base system is packaged and some of the PHP scripts in the bin directory are not set executable.
Try this and see if it starts working afterward:
chmod a+x /usr/local/bin/mail.php chmod a+x /usr/local/bin/notify_monitor.php
-
@jimp said in Missing shutdown/reboot notifications via email:
chmod a+x /usr/local/bin/mail.php chmod a+x /usr/local/bin/notify_monitor.php
Yep, that fixed it:
Notifications in this message: 2 ================================ 16:28:26 Bootup complete 17:13:58 Netgate pfSense Plus is rebooting now.
Notifications in this message: 1 ================================ 17:15:39 Bootup complete
Quick fix Jim!
๏ธ
-
@jimp Issue resolved.
Thanks
-
@jimp said in Missing shutdown/reboot notifications via email:
Try this and see if it starts working afterward:
chmod a+x /usr/local/bin/mail.php
chmod a+x /usr/local/bin/notify_monitor.phpWith this change e-mail notifications are sent.
The subject line is "<hostname> - Notification". It would be more useful to me if the subject line included the text of the most recent notification.
-
@jimp after upgrading to Netgate pfSense Plus 23.09-DEVELOPMENT amd64 20230928-0520 restart notifications were sent.
-
@jaltman said in Missing shutdown/reboot notifications via email:
but they are not being delivered via SMTP Submission Port (587) when 587 requires START-TLS. The checking "the Enable SMTP over SSL/TLS" option only works in conjunction with port 465.
Port 465 or smtps is TLS from byte 1. The mail server will not offer any 'START-TLS' capability, as the connection is already TLS.
So, yes, when using port 465, "Enable SMTP over SSL/TLS" must be checked.
When I think about it : if '465' is selected, this should actually disappear and being checked in the background, as on planet earth port 465 TCP implies TLS.When using submission (port 587), 'START-TLS' can be present in the mail server capabilities list if it supports TLS.
pfSense will test the presence of this capability, and auto issue 'START-TLS' when available.IMHO : Port '587' (TCP) should be is on the "depreciated list", exactly like port the web server port 80 TCP - no one (should) use(s) non-TLS web traffic. Its all TLS (1.3) these days.
@jaltman said in Missing shutdown/reboot notifications via email:
when the system reboots there is no e-mail notification sent.
Did you find a message in the main log file saying :
@jaltman said in Missing shutdown/reboot notifications via email:
I would like to receive notifications when the gateway drops and is restored.
"Complicated".
When your Internet connections goes down, or "the gateway becomes unreachable" these notifications gets stored in the internal mail queue. And will get send when the connection comes back ..... (if it comes back).I also receive mails from NUT, these tell me about local power issues.
I also receive mail notifications if new system and/or pfSense packages become available (script available on the forum)
Login ? Not so needed for me, as I didn't give away the password. Login is only possible from my LAN interface, the interface where trusted users reside, and that's me and ...... wait .... only me in fact.
All the others have their own network, and on that interface 'hacking pfSense' isn't on the menu.But ... I've posted somewhere, half year ago ? on this forum the one and only PHP line to add 'somewhere' and then you receive a admin login notification.
-
@Gertjan I tested against with port 587 and START-TLS is working.
@Gertjan said in Missing shutdown/reboot notifications via email:
"Complicated".
When your Internet connections goes down, or "the gateway becomes unreachable" these notifications gets stored in the internal mail queue. And will get send when the connection comes back ..... (if it comes back).That is the behavior I would expect unless the mail server is accessible via the LAN port or there is more than one gateway configured.
@Gertjan said in Missing shutdown/reboot notifications via email:
Login ? Not so needed for me, as I didn't give away the password.
I don't give away the password either unless I'm sharing it with Netgate support BUT the point of the notification is in case someone steals it or brute forces it.@Gertjan said in Missing shutdown/reboot notifications via email:
But ... I've posted somewhere, half year ago ? on this forum the one and only PHP line to add 'somewhere' and then you receive a admin login notification.
Thanks. I will look for the post.
-
@jaltman said in Missing shutdown/reboot notifications via email:
I will look for the post.