Web-Based SMTP Server Monitoring
Web-based monitoring of SMTP email servers is normally conducted using one of two different approaches. The first uses a socket level connection to verify whether or not the target server is operational. The second more comprehensive method involves sending round-robin messages to your email system and its subcomponents. Depending on your needs, hardware, and company size both have validity and a rightful place. To determine what is best for your company, letís examine both in more detail and the advantages and disadvantages of each.
Socket connection is the most prevalent method used by web-based monitoring companies due to its simplicity. A DNS check is normally conducted, then a socket level connection to port 25 of your email server is attempted. If DNS is ok and SMTP port 25 handshaking occurs, the server is viewed as operational. If not, the appropriate notification methods are triggered. The socket connection method advantages are: speed, low bandwidth, and no agent or server changes are required. Because of its simplistic design, socket connection monitoring can be used to monitor SMTP servers your company does not own or manage. The disadvantage to this approach is accuracy. Just because DNS is operational and handshaking occurs, it does not mean the server or subcomponents are actually processing messages.
The second, less used, method involves a round-robin process that actually sends test messages to your email systems and waits for the message to be returned. As with the socket connection method, a DNS check is normally performed first. A test message is then sent by the monitoring company to your email system. The message travels through your gateways, any subcomponents such as antivirus and content/spam filters, through the firewall to the designated internal server. The internal server, based on a pre-established server-based rule, returns the message back to the monitoring company. If the message is received by the monitoring company within the preset time, 15 or 30 minutes for example, the email system and subcomponents are viewed as operational. If not, the appropriate notification methods are triggered.
If you are using Microsoft Outlook & Exchange, a server-based rule would look something like this: Apply this rule after the message arrives from EmailVerify@SiteRecon.com and with "Email Verification for" in the subject forward it to "Webmaster@SiteRecon.com
The advantage of this approach includes the ability to check the complete message process for failures. For example, a gateway checked using the socket connection method could be fully operational, yet a connected spam filtering appliance or antivirus process could be hung halting message processing. Depending on the monitoring company, the ability to include a specific type of attachment to the round-robin process is also available. Including an attachment such as the Eicar.Txt text pattern for example, permits subcomponents such as antivirus to be fully tested. The disadvantages to this approach are: increased processing by your servers as this testing method sends 96 messages per day using a 15 minute monitoring interval; creation of an email account to receive the test message; and establishment of a server based rule.
The diagram below outlines the process for both round-robin and socket connect monitoring methods.
Clearly, the round-robin method offers a more comprehensive testing process than the socket connection method. However, depending upon your needs both process have a rightful place in verifying your email systems are up and operational.
If you do not have the ability to establish server based rules, your only choice is to use monitoring based on the socket connection method. If you have the ability to establish rules, the round robin process offers a much more comprehensive testing method.
Socket connection type monitoring is offered by a wide range of companies and prices vary widely. Round-robin processing is offered by SiteRecon and Websitepulse and range from $11 to $29 per month depending on the monitoring frequency.
About the Author
Lew Newlin is CTO of Information Solutions, Inc. that operates SiteRecon.com. SiteRecon specializes in email monitoring and web site monitoring for Internet service providers and businesses.
You are granted permission to re-publish this article on your website or publication. The only requirement is that you include the complete article, links, and byline.
Article in MS Word format
Article in HTML format
Article in PDF format