Properly monitor smtp server backend on BIG-IP F5 loadbalancer

hreese/f5-smtp-monitor

F5-SMTP-Monitor

The builtin SMTP monitor on BIG-IP F5 has two problems:

  1. It only checks whether the SMTP server responds to connections and HELO/EHLO.
  2. It contains a bug that causes exim to send a TCP RST, resulting in that backend being marked as down. This is fixed in newer releases, but the original author can't use those for unrelated reasons.

This monitor also detects breakage in later stages, such as behavior checks (spam detection) and content checks (for example antivirus), by actually sending a test email. It is basically a simple SMTP client that adheres to the BIG-IP calling and reporting conventions.

Check the builtin help for up-to-date information on switches and usage:

$ f5-smtp-monitor --help
This smtp backend check expects two mandatory arguments:

1. ip address (IPv4-mapped IPv6 addresses for IPv4, e.g. "":ffff:a.b.c.d")
2. tcp port number

The rest of the program is controlled by environment variables (defaults in parenthesis):

* DEBUG:     when set to anything than 0 enables debugging output to syslog (0)
* SENDER:    mail sender ([email protected])
* RECIPIENT: mail recipient ([email protected])
* SUBJECT:   mail subject ("F5 Loadbalancer Keepalive Test")
* BODY:      mail body ("")
* TLS:       set TLS mode: NONE/PLAIN, STARTTLS or TLS (no certificate verification when TLS* set) (NONE)
* HELO:      use value for HELO/EHLO (os.Hostname() or "f5-keepalive-test.localdomain" on error)
* TESTAV:    add EICAR test virus to body when set (NOT SET)
* TESTSPAM:  add GTUBE spam string to body when set (NOT SET)

Prebuilt binaries

Autogenerated binaries are available on the project's release page on GitHub. There are no further dependencies.

How to build

Install Go on your build machine.

go get -v github.com/hreese/f5-smtp-monitor
cd $GOPATH/src/github.com/hreese/f5-smtp-monitor
GOOS=linux GOARCH=amd64 go build -ldflags "-s -w"

Setting up the monitor on BIG-IP F5

The F5 setup is firmware-specific. Check the BIG-IP Local Traffic Manager: Monitors Reference for your version for details.

Configuration variables

  • DEBUG is part of BIG-IP's monitoring interface. When set to 1 debug output will be sent to syslog.
  • SENDER sets both the SMTP MAIL FROM and the From: header. Pick a sensible value that matches your local mail setup.
  • RECIPIENT sets both the SMTP RCPT TO and the To: header. Pick a sensible value that matches your local mail setup.
  • SUBJECT sets the Subject: header.
  • BODY sets the mail body.
  • TLS sets the TLS mode: NONE/PLAIN, STARTTLS or TLS (no certificate verification when TLS* set).
  • HELO sets SMTP HELO/EHLO. Pick a sensible value.
  • Setting TESTAV will add the EICAR antivirus test string to the mail body. It will also change the test's logic to succeed if the server rejects our mail after DATA and fail if it does not.
  • Setting TESTSPAM will add the GTUBE anti-spam test string to the mail body. It will also change the test's logic to succeed if the server rejects our mail after DATA and fail if it does not.
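
The inverted TESTAV/TESTSPAM verdict described above, as an added Go example that is not taken from the f5-smtp-monitor source: it shows that only a rejection of the message body may count as a pass, while a backend that hangs up or rejects before DATA must still be reported as down. `probe` and `fakeMTA` are hypothetical names, the addresses and scripted server replies are constructed, and treating any SMTP error reply to the body as a rejection is an assumption.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/smtp"
	"net/textproto"
)

// fakeMTA is a constructed scripted backend: one reply per command, hang-up at script end.
func fakeMTA(conn net.Conn, replies ...string) {
	t := textproto.NewConn(conn)
	defer t.Close()
	for _, reply := range replies {
		t.PrintfLine("%s", reply)
		if reply[0] == '3' { // after 354 the client sends the dot-terminated body
			t.ReadDotLines()
		} else {
			t.ReadLine()
		}
	}
}

// probe (hypothetical name) returns the up/down verdict for one test mail.
// expectReject is TESTAV/TESTSPAM mode; assumed: any SMTP error reply to the body is a rejection.
func probe(conn net.Conn, from, to string, expectReject bool) bool {
	defer conn.Close()
	c, err := smtp.NewClient(conn, "backend")
	if err != nil || c.Mail(from) != nil || c.Rcpt(to) != nil {
		return false // failing before DATA is "down" in both modes
	}
	w, err := c.Data()
	if err != nil {
		return false
	}
	fmt.Fprint(w, "Subject: F5 Loadbalancer Keepalive Test\r\n\r\ntest body\r\n")
	var reply *textproto.Error
	if err = w.Close(); err != nil && !errors.As(err, &reply) {
		return false // hang-up or garbage is not a verdict from the content filter
	}
	return (err != nil) == expectReject
}

func main() {
	client, server := net.Pipe()
	go fakeMTA(server, "220 ready", "250 ok", "250 ok", "250 ok", "354 send", "550 virus found")
	fmt.Println(probe(client, "f5@blackhole.example.com", "discard@blackhole.example.com", true))
}
```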

Setting up your MTA

For performance reasons, the recommended way is to create a special email address or domain that discards everything. We'll use blackhole.example.com here.

exim

Add a recipient ACL to always accept your discard domain:

accept
  domains = blackhole.example.com
  endpass

Add a discard router:

blackhole:
  driver  = redirect
  domains = blackhole.example.com
  data    = :blackhole:

Add your loadbalancer interfaces to smtp_reserve_hosts to make sure your backend tests succeed even under heavy load.

Other MTAs

I'm happy to include other mail transfer agents if someone writes a guide for them. Please add a pull request on github.
