Hello
We have a smtp and pop sensor that has worked for more than one year without much problems. Yesterday it stopped to work suddenly, while normal mail is still flowing. Looking at the SMTP dialog with Wireshark, I noticed in the client hello packet that the TLS level choosen by the Prtg server is SSL3, just before being dumped without more ado by the mail provider server (no server hello). I can't fault our mail provider for rejecting this quite outdated protocol. Is there a way to select TLS 1.2 instead ? that's what our normal mail software use to connect to the mail provider.
This is with Prtg 21.1.65.1767
C:\>"C:\Program Files (x86)\PRTG Network Monitor\openssl.exe" version
OpenSSL 1.0.1g 7 Apr 2014 (Library: OpenSSL 1.0.2k 26 Jan 2017)
Thanks
Article Comments
It seems that Prtg is now connecting with TLS 1.2 without any change of software version, so it has been a false alarm.
Feb, 2021 - Permalink
Hello, you can go to the sensor settings page, Select if you want to enforce transport-level security for the connection. PRTG tries to establish a secure connection using the strongest SSL/TLS method provided by the server. In the security connection settings you see different options.
- Select if you want to enforce transport-level security for the connection. PRTG tries to establish a secure connection using the strongest SSL/TLS method provided by the server.
- If you enforce transport-level-security, the sensor shows the Down status if the target server does not support SSL/TLS.
- Using StartTLS, the sensor sends a command to negotiate a secure connection after an unsecure connection has been established.
Feb, 2021 - Permalink