- edited description
IMAP STARTTLS fails
Issue #908
resolved
While setting up an email server on Debian 10.4 using Monit 5.26.0, I’ve found something very odd.
Both the plain and encrypted (with STARTTLS) methods on the SMTP port are working fine:
check host "localhost smtp" with address localhost if failed port 25 with protocol smtp then alert check host "localhost smtps" with address localhost if failed port 25 protocol smtps and certificate valid > 10 days then alert
Checking the unsecure IMAP is also fine:
check host "localhost imap" with address localhost if failed port 143 with protocol imap then alert
However, the following rule, trying to monitor the STARTTLS on IMAP fails:
check host "localhost imaps" with address localhost if failed port 143 protocol imaps and certificate valid > 10 days then alert
The error message says:
Connection failed | Timestamp failed
SMTP is served by Postfix 3.4.10 and the IMAP server is Dovecot 2.3.4.1. Both work fine with other software, so I assume they’re both speaking STARTTLS very well. (Checked them both with openssl s_client and they seemed to be fine.)
Comments (6)
-
reporter
-
reporter
- edited description
-
reporter
- edited description
-
repo owner
- marked as enhancement
Monit doesn’t implement STARTTLS for the IMAP protocol currently, you can check:
- either port 143 with plain “imap”
- or port 993 with “imaps” (which performs SSL handshake immediately)
We can add support for IMAP STARTTLS in the future.
-
repo owner
- changed status to resolved
Fixed: Issue
#908: Add STARTTLS support to the IMAPS protocol test. Example: if failed port 143 protocol imaps then alert→ <<cset 1bd3dbcfdf1e>>
-
repo owner
Issue
#944was marked as a duplicate of this issue. - Log in to comment