    Smtp monitor not working Relayd load balancer 2.0.2-RELEASE (i386)

      patrickbertke last edited by

      Using the loadbalancer to direct mail to 2 smtp servers.

      SMTP monitor will not work (always shows servers down).

      I have followed the steps outlined here:

      https://github.com/bsdperimeter/pfsense/commit/54d1a165d500225547337ddba7aa10e7e5f79c98
      https://github.com/bsdperimeter/pfsense/commit/07c49a3698ab458ea7ad8c0501d394c09e48dc60

      My SMTP server logs report:

      ME-I0069: (recv) socket [1384] was gracefully closed 192.168.X.X before any command received. Remote client closed the connection.
      ME-I0074: [1384] (Debug) End of conversation

      So it appears that the command is being sent.

      The SMTP monitor is still default:

      Name    SMTP
      Description    Generic SMTP
      Type     Send/Expect    
      Send string   EHLO nosuchhost  
      Expect string    250-

      Anyone have any idea why the monitor will not work or what I am doing wrong?

      Thank you in advance.

        patrickbertke last edited by

        Sorry, I forgot to include the pfSense log:

        relayd[22665]: host 192.168.X.X, check send expect (1001ms), state unknown -> down, availability 0.00%

        Let me know if there is any other info….

          jimp Rebel Alliance Developer Netgate last edited by

          If you telnet to port 25 on the target host, and enter "EHLO nosuchhost" - what comes back?

          It could be getting back an unexpected code (e.g. not the 250 it wants) or the server could be denying it using some kind of anti-spam controls.

            patrickbertke last edited by

            Sorry I actually meant to include that in my original post.

            When I telnet to the server(s) I get

            250-mydomainname.com, this server offers 4 extensions.
            250-AUTH LOGIN
            250-SIZE 5120000
            250-HELP
            250 AUTH=LOGIN

            Thank you for your help.

              patrickbertke last edited by

              Is there a log on pfsense that will tell me exactly what it is getting back from its EHLO request?

              For testing - I built a brand new Windows 2003 server (not what is in my production cluster) with no A/V, no firewall and SMTP as the only service running.
              I can telnet to it, pass messages through it but still can’t get pfSense to monitor correctly.

              I don’t claim in any way to know all the ins and outs of pfSense but I have never had any problems getting anything else to work correctly.

              Please HELP ME!  ;)

              Thanks again!

                patrickbertke last edited by

                Not that it is a surprise but if I change the monitor to ICMP it works perfectly. BUT obviously this monitor will not be able to monitor SMTP failures….

                  jimp Rebel Alliance Developer Netgate last edited by

                  @Orange:

                  When I telnet to the server(s) I get

                  250-mydomainname.com, this server offers 4 extensions.
                  250-AUTH LOGIN
                  250-SIZE 5120000
                  250-HELP
                  250 AUTH=LOGIN

                  So if you telnet, and type in exactly this:

                  EHLO nosuchhost
                  

                  That is the reply you receive?

                  If so, that should be working, unless the server is denying that after so many requests. Might be helpful to get a packet capture of the monitoring traffic. A packet capture filtered on the internal IP of the firewall, port 25, should be sufficient.
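
Alongside a packet capture, a small probe can show exactly which bytes arrive before and after the send string and where the expect string first appears. This is an added example, not part of the thread and not relayd's code; the function names, the loopback stub, its greeting text and the CRLF appended to the send string are assumptions, and the stub's EHLO reply reuses the lines quoted above.

```python
import socket
import threading

# Constructed sample data: a made-up greeting plus the EHLO reply quoted in the thread.
GREETING = b"220 mydomainname.com ESMTP\r\n"
EHLO_REPLY = (b"250-mydomainname.com, this server offers 4 extensions.\r\n"
              b"250-AUTH LOGIN\r\n250-SIZE 5120000\r\n250-HELP\r\n250 AUTH=LOGIN\r\n")

def start_stub():
    """Start a one-shot SMTP-like listener on loopback and return its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(GREETING)             # SMTP servers speak first
            if conn.recv(1024).upper().startswith(b"EHLO"):
                conn.sendall(EHLO_REPLY)
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return port

def _read_until_quiet(sock):
    """Collect bytes until the peer closes or stays silent for the timeout."""
    buf = b""
    try:
        while (data := sock.recv(4096)):
            buf += data
    except socket.timeout:
        pass
    return buf

def probe(host, port, send=b"EHLO nosuchhost\r\n", expect=b"250-", timeout=1.0):
    """Return the bytes seen before and after the send string and where expect matches."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        before = _read_until_quiet(s)          # unsolicited greeting, if any
        s.sendall(send)                        # CRLF terminator is an assumption
        after = _read_until_quiet(s)
    stream = before + after
    return {"before_send": before, "after_send": after,
            "expect_offset": stream.find(expect),      # -1 means never seen
            "starts_with_expect": stream.startswith(expect)}

if __name__ == "__main__":
    for key, value in probe("127.0.0.1", start_stub()).items():
        print(f"{key}: {value!r}")
```

To test a real server, call `probe()` with its address and port 25 from a host on the same network as the firewall.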

                    vorgusa last edited by

                    I am having the same problem.  I grabbed a packet capture and attached it.  I see the 220 for SMTP service ready, but nothing else.  Could it be that relayd is not sending out the request?

                    I am on pfsense 2.0.3

                    packetcapture.cap.txt

                      vorgusa last edited by

                      I noticed another thing.  If I am on the local network I cannot connect to my Virtual server.  My Virtual server is a LAN IP and not the WAN IP, but if I am on a remote laptop that is VPN'd in it works fine.  Any local server says no route to host.

                        vorgusa last edited by

                        Is there something I need to do to get the traffic routed properly or is relayd not supposed to be used for LAN traffic?

                          jimp Rebel Alliance Developer Netgate last edited by

                          If both servers and clients are on the same network, you will have problems.

                          For that you need to use a load balancer that proxies (e.g. HAproxy) or you must switch to manual outbound NAT and add rules to translate the traffic from client->server on LAN so that it appears to come from the firewall.

                          Otherwise the server tries to reply directly to the client and breaks the connection.
