05-21-2013 11:41 AM
I am having troubles utilizing the email function. Our email server has the SMTP callback feature enabled so the applet fails. Is there a way to respond to this callback using EEM?
My config
ip host mail.domain.com 172.16.164.140 172.16.164.139
event manager environment _mail_smtp mail.domain.com
event manager environment _mail_domain domain.com
event manager environment _mail_rcpt user@domain.com
event manager environment _mail_from user@domain.com
The Applet
event manager applet TEST
event syslog pattern "%BGP-5-ADJCHANGE: neighbor 10.2.0.1 Down BGP Notification sent"
action 1.0 info type routername action
2.0 mail server "$_mail_smtp" to "$_mail_rcpt" from "$_mail_from" subject "$_event_pub_time: T2 down" body "$_syslog_msg" action
3.0 syslog priority notifications msg "T2 down email send"
Debug and log from the test
May 21 13:33:22.275 CDT: %BGP-5-ADJCHANGE: neighbor 10.2.0.1 Down BGP Notification sent May 21 13:33:22.275 CDT: %BGP-3-NOTIFICATION: sent to neighbor 10.2.0.1 4/0 (hold time expired) 0 bytes
May 21 13:33:22.287 CDT: %BGP_SESSION-5-ADJCHANGE: neighbor 10.2.0.1 IPv4 Unicast topology base removed from session BGP Notification sent
May 21 13:33:22.299 CDT: %HA_EM-5-LOG: MONITOR_TUNNEL_2: BGP Neighbor has gone down on tunnel 2. Setting track 2 to a down state!!! May 21 13:33:22.307 CDT: %HA_EM-6-LOG: TEST : DEBUG(smtp_lib) : smtp_connect_attempt: 1
May 21 13:33:52.307 CDT: %HA_EM-6-LOG: TEST : DEBUG(smtp_lib) : smtp_connect connect fail 260
May 21 13:33:52.307 CDT: %HA_EM-6-LOG: TEST : DEBUG(smtp_lib) : fh_smtp_connect callback timer is awake
May 21 13:33:52.307 CDT: %HA_EM-3-FMPD_SMTP: Error occurred when sending mail to SMTP server: mail.edwardjones.com : timeout error
05-21-2013 02:52 PM
I haven't seen a 260 SMTP code before. Can you telnet from the device to TCP port 25 of this server?
05-22-2013 07:48 AM
I should explain a bit more about our setup.
We are utilizing a DMVPN between our remote cisco 2800 router. This SMTP traffic is riding the tunnel encapsulated within the GRE and Crypto. We also utilize a zone based firewall and IPS on the router. To get to the port 25 of our sever this traffic would have to ride the public internet and not be protected via the VPN. I am not prepared to follow that method based on security concerns. So currently we do not allow telnet over the public network and I am confident our main network firewall would block telnet access from outside of our private network.
So basically I am trying to do this over a private/protected infrastructure. Perhaps I am using the wrong method?
05-22-2013 09:35 AM
A telnet to port 25 emulates an SMTP communication. Typical telnet runs across port 23. That is why I asked you to try the telnet to port 25 since I'm guessing it, too, is blocked on your network. If tcp/25 communication is blocked, you would need to relax that if you want to be able to send email from your devices.
05-23-2013 08:41 AM
I don't understand what difference it makes whether you try to access the MAIL server on the private network or the public network? I know the traffic is getting to the server but the transfer fails because of the "callback" feature.
05-23-2013 08:44 AM
Ah, okay, I follow you now. There is no native support for SMTP callback in EEM. I'm fairly certain you could build it, though, by taking the smtp_lib.tcl library and adding in whatever is required to complete the callback dialog. Unfortunately, I have no experience with SMTP callback to know what those steps are.
The library can be found under tmpsys:/lib/tcl on your device, though.
05-23-2013 08:56 AM
I have never attempted anything like that before. Is there any documentation on how to take the smtp_lib.tcl library and making changes.
1. Is this done on the router?
2. Does this require creating a TCL script?
Any help will be greatly appreciated.
05-23-2013 09:01 AM
I imagine there is documentation on SMTP callback, but unfortunately I am not aware of where that may be. What you would do is copy this Tcl library to a local computer and do the editing and work there. When done, you would copy this back to the router and configure "event manager directory user library LIB" where LIB is the path to your edited library. Then you would import your library into a Tcl policy that would react to the event and call the email action.
Yes, this would require Tcl. There is no way to do this with applets.
05-23-2013 09:08 AM
I am green with this so excuse the questions.
Where is the tcl library in question. Is it on the router somewhere? Or is this something I can download?
05-23-2013 11:18 AM
It is found under tmpsys:/lib/tcl on your device. Copy it from there to a server using, for example, TFTP.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: