How to use Nagios to monitor Microsoft’s SNDS status for your mail servers

So, if you are a good postmaster, you probably know about SNDS, JMRP and similar non-Microsoft programs.

I find them extremely useful, and have integrated JMRP into my systems in such a way that I can tell exactly when some email issue affects my customers. Sometimes computers get infected by spam-sending malware, or new employees at some customer’s company start sending email marketing without adhering to company policy.

That’s the good thing about JMRP and similar programs: you can get to know what triggers a “bad reputation”.

SNDS and JMRP are linked by the hip, you cannot have one without the other, and SNDS also offers some sort of automatic status notification.

If you join SNDS (click https://postmaster.live.com/snds/– you will need a Live.com account), then you can add your IP addresses. I suggest you have a proper PTR (reverse dns) record setup, so SNDS will be able to send you the authorization link to abuse@YOURDOMAIN.COM (or hostmaster, postmaster, etc, depends on whois data).

Once you have properly joined and authorized access to your IP addresses, you can check on their status via web, or you can enable automatic access: https://postmaster.live.com/snds/auto.aspx

Once enabled, you will be provided with a couple of URLs that allow automated access to your status. More info here: https://postmaster.live.com/snds/FAQ.aspx#AccessProtocol

Of those two addresses, one is for an ipStatus.aspx script (they have a special key for your account in the query string). Both scripts return CSV data, or no data if all is well. The web page provides this table (taken from the bottom of https://postmaster.live.com/snds/auto.aspx):

 Situation  Response
Success with data rows HTTP 200 OK and non-zero Content-size
Success with no data for your IPs HTTP 200 OK but Content-size of zero
SNDS has no data for any IPs for the requested date
(i.e. future date or more than 90 days in the past), or
no sample message of that type for that IP and date
HTTP 204 No Content
Invalid or malformed request HTTP 400 Bad Request

With that information, I came up with this syntax for check_http:
./check_http -S -H postmaster.live.com -u ‘/snds/ipStatus.aspx?key=YOUR_KEY_HERE’ –invert-regex -r ‘,’

When all is well, zero content is returned with a 200-OK http response. And we know in case of problem, we ALSO get 200-OK http response… but a CSV file in the content. So, by checking for a COMMA, and inverting the regex, we can instruct check_http to give us an OK when there is no data, and CRITICAL when CSV data is returned.

We need to configure this command so we can get it into Nagios, so add this define_command block in a proper location (I keep my specially tweaked commands in a buanzo.cfg file off /etc/nagios-plugins/config, as I keep a good /etc backup and standarized setups):

define command{
        command_name    check_snds
        command_line    /usr/lib/nagios/plugins/check_http -S -H postmaster.live.com -u ‘/snds/ipStatus.aspx?key=$ARG1$’ –invert-regex -r ‘,’
}

OK, now we have a command definition. Let’s get it into Nagios:

define service{
 use generic-service
 host_name localhost
 service_description SNDS STATUS
 check_command check_snds!YOUR_KEY_HERE
}

Now restart nagios… and there you go 🙂

You will receive alerts when any of your registered IP addresses has a deliverability issue with Microsoft’s mail services.

Of course, tweak all the definitions to your particular configuration. Let me know if you come across any problems. Cya!

Artículos relacionados:

Si te gustó este articulo, ¿ Porque no dejas un comentario a continuación y continuas la conversación, o te suscribes a los feeds y recibes los artículos directamente en tu lector?

Comentarios

No comments yet.

Sorry, the comment form is closed at this time.