Hi

 

I’m trying to figure out what has happend to the mail in our observium.

It was working for a while but not now..

My Observium is a TurnKey appliance download.

 

 

Now i can see that it’s trying to open port 25 on a server that it’s not supposed to go to..

 

 

Don’t know if someone have been messing with the server..

 

 

 

 

Here is my config.php settings.

 

// Enable alerter (not available in CE)

#$config['poller-wrapper']['alerter'] = TRUE;

 

// Set up a default alerter (email to a single address)

$config['alerts']['alerter']['default']['descr']   = "Default Email Alert";

$config['alerts']['alerter']['default']['type']    = "email";

$config['alerts']['alerter']['default']['contact'] = "driftlarm@xxxxxx.se";

$config['alerts']['alerter']['default']['enable']  = TRUE;

 

//Email settings

$config['email']['default'] = "driftlarm@cgit.se";

$config['email']['default_only'] = TRUE;

$config['email']['from'] = "CGit Observium <observium@xxxxx.se>";

$config['email']['backend'] = 'mail';

$config['email']['smtp_host'] = 'smtprelay1.hosting.local';

$config['email']['smtp_port'] = 25;

$config['email']['smtp_timeout'] = 10;

$config['email']['smtp_secure'] = FALSE;

$config['email']['enable'] = TRUE;

$config['email']['smtp_auth'] = FALSE;

$config['email']['smtp_username'] = NULL;

$config['email']['smtp_password'] = NULL;

 

 

ping smtprelay1.hosting.local

PING smtprelay1.hosting.local (172.31.232.15) 56(84) bytes of data.

64 bytes from smtprelay1.hosting.local (172.31.232.15): icmp_seq=1 ttl=64 time=0.460 ms

 

 

 

/opt/observium# ./test_alert.php  -a  34

MIB search path: /opt/observium/mibs

Cannot find module (LM-SENSORS-MIB): At line 0 in (none)

Observium 0.16.5.7901

Test Alert Notification

 

 

#####  Software versions  #####

 

o OS                   Linux 3.16.0-4-amd64 [amd64] (Debian 8.1)

o Apache               2.4.10

o PHP                  5.6.20-0+deb8u1 (OPcache: DISABLED)

o Python               2.7.9

o MySQL                5.5.49-0+deb8u1 (extension: mysqli 5.5.49)

o SNMP                 NET-SNMP 5.7.2.1

o RRDtool              1.4.8

 

#####  MySQL mode  #####

 

o MySQL

 

#####  Charset info  #####

 

o PHP                  UTF-8

o MySQL                utf8

 

#####  Timezones info  #####

 

o Date                 Monday, 13-Jun-16 21:23:47 CEST

o PHP                  +02:00

o MySQL                +02:00

 

o Notifying            [email] Driftlarm: {"email":"driftlarm@cgit.se"}

root@observium1 /opt/observium#

 

 

 

 

 

Output from tcptrack

 

Client                Server                State        Idle A Speed

172.31.232.40:38086   172.16.102.16:25      SYN_SENT     1s     0 B/s

172.31.232.40:38088   172.16.102.16:25      SYN_SENT     28s    0 B/s

172.31.232.40:38090   172.16.102.16:25      SYN_SENT     28s    0 B/s

 

 

 

And as you can see it’s not supposed to connect to 172.16.102.16. that server does not even have a SMTP server on it.

 

 

 

 

 

 

 

Med Vänlig Hälsning

 

Fredrik Winäs 

tel +46 31 762 02 43

fredrik.winas@cgit.se   www.cgit.se

CGit AB   Taljegårdsgatan 11C

SE-431 53 Mölndal