Heartbeat - monitor email domains


I am trying to monitor email domains (with heartbeat) for example:

- type: tcp
  name: TLS_CHECK
  schedule: '@every 30s'
  hosts: ["tls://mx.example.com"]
  ports: [25]

Unfortantly this give me the following error:
tls: first record does not look like a TLS handshake

What's going wrong?
When removing the scheme before the host, it works but I don't get the tls certificate which my goal is to monitor.

Hope somebody have suggestions to solve this.

If you want to use SSL session, there should be a certificate.

    certificate_authorities: ['/etc/ca.crt']

Check the documentation

Still get the same error. This is the config:

- type: tcp
  name: TLS_CHECK
  schedule: '@every 30s'
  hosts: ["smtp.google.com"]
  ports: [25]
    certificate_authorities: ['/etc/heartbeat/ca.crt']
    supported_protocols: ["TLSv1.1", "TLSv1.2"]

I have used the ca.crt from the elasticsearch folder (/etc/elasticsearch/certs/http_ca.crt).

What I am doing wrong here?

Hi @Robin020,

STMP:25 is not a TLS-by-default service, although it can accept TLS negotiation post-fact. Since heartbeat is expecting to get a TLS negotiation handshake, it shows that error when the remote party does not continue with the flow.

You'll need to figure out of your service provides a TLS-secured version on a different port.

Good catch Emilio. Standard ports:

  • (Gmail) SMTP port (TLS): 587
  • (Gmail) SMTP port (SSL): 465

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.