Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 1 subscriber
  • Views 1000 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SMTP Proxy for some 7.400 Units showing up as Down

BrucekConvergent
I've upgraded all of my customer's managed Astaro units to 7.400, and have noticed several of them now show up in ACC reporting a problem with the SMTP proxy; none of the units, in reality, are having any such problem (mail is flowing normally, etc.)  The version of ACC is 1.903, and the remote units are set to use the 1.9 version agent.  This was not the case when the units were on 7.306, but perhaps this is a new bug or behavior that will be corrected by ACC 2.0?  See the attached screenshot; the unit for which this "down" SMTP service is reported actually is handling mail traffic just fine.


This thread was automatically locked due to age.
Parents
  • 0
    Hi Bruce,

    thanks for the report - seems to be an issue with the process name/structure having changed on 7.400 compared to 7.306 so the device-agent does not correctly report the information anymore.

    We will have to look into that - if that is really an issue it needs to be corrected with a 7.40x version rather than an ACC 2.000.

    UPDATE: I checked with an ASG 7.400 installation running the SMTP proxy and it shows correctly on our installation of ACC 2.000.

    Could you provide us with the following information from the device in question please.

    First dump the cache of the running device-agent:


    # /var/mdw/scripts/nextgen-agent dump
    Then please send us the output of the following commands:


    # grep smtp -A8 /etc/agent/cache.dump
    # cc get smtp status
    # ps axf | grep exim
    Thanks and regards,
    Henning
  • 0 in reply to megaposer
    FWIW the ACC 2.0 up2date I just installed corrected the problem; I guess you can cross this one off the list; I suspect it was a minor incompatibility between the new device-agent in 7.400 and the 1.903 ACC.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    Thanks ... but the Monitoring Service part was never touched so it should not have mattered whether you use 7.400 with 1.903 or 2.000.

    Anyway, if your problem is solved that's good [:D]
  • 0 in reply to megaposer
    All I know is that the only thing that was changed was the up2date to 2.0 ...

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    Spoke too soon... after the 7.401 up2date on several devices, seeing the same issue again... I'll capture the data as requested and post it here.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0 in reply to BrucekConvergent
    Spoke too soon... after the 7.401 up2date on several devices, seeing the same issue again... I'll capture the data as requested and post it here.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
  • 0 in reply to BrucekConvergent
    OK, Finally took the time to run these commands on a unit that's been showing SMTP down for over a day or so (it isn't really down, or this customer wouldn't be sending / receiving emails)...  Here is the output of the commands you asked me to run (this is on Version 7.401):

    :/home/login # grep smtp -A8 /etc/agent/cache.dump
                "smtp" : {
                   "cpu" : 0,
                   "status" : 3,
                   "name" : "SMTP Proxy",
                   "mem" : 0,
                   "rss" : 0,
                   "running" : false,
                   "enabled" : true
                },


    /home/login # cc get smtp status
    smtp->status = 1


    /home/login # ps axf | grep exim
     1218 pts/0    S+     0:00                      \_ grep exim
    16435 ?        S      0:00  \_ bin/exim -DINPUT -bdf


    Looks like only the device agent is confused.

    ETA:  FWIW, the other unit that is currently showing SMTP as down (but really isn't) renders the same results as above (except for the pid's, of course).

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    Okay, thanks a lot ... we will check this ASAP.
  • 0 in reply to megaposer
    Confirmed, will probably be fixed in 7.402 - thanks Bruce!
Unfiltered HTML