How to Monitor an SMTP Server
Whenever a user in an organization sends an email, a lot happens behind the scenes. When the user clicks send, the message is handed off to a service running the simple mail transport protocol (SMTP). It's the job of the SMTP service to contact the recipient mail server and transfer the message to it. When the SMTP service stops responding, mail is not sent.
There are several reasons a mail server could lose its capability to send mail. Take a look at a few:
1. The mail server could lose its connection to the Internet.
2. The mail server could use up resources (like disk space), which might cause the operating system to crash or hang.
3. A mail administrator may make a configuration error that leaves the service unable to work out how to send mail.
4. A mail server could be added to a blacklist, preventing it from sending mail to recipient servers that use that blacklist as a resource to eliminate spam.
Since outgoing mail is a critical function for almost every organization, it is rather important to have some method in place to monitor the service. Some website monitoring services offer support for monitoring SMTP. Here is how it works:
First, the website monitoring service will attempt to establish a socket connection to the SMTP server using the transmission control protocol (TCP). This requires sending a SYN packet to the SMTP server and expecting an ACK packet in response. If no ACK is received, the monitoring service concludes that the SMTP service is not responding to requests.
Next, assuming the ACK was received and a socket connection has been successfully set up, the monitoring service attempts to communicate using protocol commands. The following is one way that could work (you can try this yourself using the well-known terminal program Telnet):
1. If the connection was established, the mail server will respond with its banner, usually similar to "Connected to mail.somedomain.net." If no banner is received, something is probably wrong.
2. Next, the monitoring service will introduce itself just as if it were a mail user by sending the "HELO" command followed by an origin domain for the email. So the complete command might look like "HELO my.domain.net."
3. If all is going well, the SMTP server will respond with something such as "250 Hello my.domain.net, glad to meet you."
At that point it is established that the SMTP server is responding to connection requests and is ready to receive more commands. If the monitoring service notices a failure at any of these points, it might log the failure, the time, and any content that was received, which may help diagnose the issue. The service will likely then send out alerts by email, SMS text or perhaps by an actual phone call.
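The check described above, written as an added example (it is not code from this article or from any particular monitoring service). It records the stage that failed, the time, and whatever the server sent. It assumes the standard SMTP reply codes from RFC 5321 (220 for the greeting banner, 250 for an accepted HELO); the function names and `monitor.example.net` are hypothetical.

```python
import socket
from datetime import datetime, timezone

def read_reply(rfile):
    """Read one SMTP reply, which may span several lines; return (code, text)."""
    lines = []
    while True:
        raw = rfile.readline(1024)
        if not raw:
            raise ConnectionError("connection closed before a full reply")
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        lines.append(line)
        # "250-..." means more lines follow; "250 ..." (or a bare code) ends the reply.
        if len(line) < 4 or line[3] != "-":
            return line[:3], "\n".join(lines)

def check_dialogue(sock, helo_domain):
    """Banner and HELO exchange on a connected socket; returns (ok, stage, detail)."""
    stage, received = "banner", ""
    try:
        with sock.makefile("rb") as rfile:
            code, received = read_reply(rfile)
            if code != "220":                 # no usable greeting banner
                return False, stage, received
            stage = "helo"
            sock.sendall(f"HELO {helo_domain}\r\n".encode("ascii"))
            code, received = read_reply(rfile)
            if code != "250":                 # server refused the introduction
                return False, stage, received
            sock.sendall(b"QUIT\r\n")         # end the session politely
            return True, "done", received
    except OSError as exc:                    # timeouts and resets land here
        return False, stage, f"{received} [{exc}]".strip()

def probe_smtp(host, port=25, helo_domain="monitor.example.net", timeout=10.0):
    """Run the whole check; the returned record is what gets logged or alerted on."""
    when = datetime.now(timezone.utc).isoformat()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            ok, stage, detail = check_dialogue(sock, helo_domain)
    except OSError as exc:                    # TCP connection was never established
        ok, stage, detail = False, "connect", str(exc)
    return {"time": when, "host": host, "ok": ok, "stage": stage, "detail": detail}
```

A scheduler would call `probe_smtp()` at a fixed interval and raise an alert whenever `ok` is false, including `stage` and `detail` in the message.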
For most monitoring applications, this is enough for a basic sanity check of the mail server's functioning. Some website monitoring services go further by permitting you to design a script that thoroughly tests the mail sending process. This more complex process involves interacting with a POP3 or IMAP4 mail server at the same time.