What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

SSL configuration for SMTP&POP Sensor

Votes:

0

Hello

We have a smtp and pop sensor that has worked for more than one year without much problems. Yesterday it stopped to work suddenly, while normal mail is still flowing. Looking at the SMTP dialog with Wireshark, I noticed in the client hello packet that the TLS level choosen by the Prtg server is SSL3, just before being dumped without more ado by the mail provider server (no server hello). I can't fault our mail provider for rejecting this quite outdated protocol. Is there a way to select TLS 1.2 instead ? that's what our normal mail software use to connect to the mail provider.

This is with Prtg 21.1.65.1767
C:\>"C:\Program Files (x86)\PRTG Network Monitor\openssl.exe" version OpenSSL 1.0.1g 7 Apr 2014 (Library: OpenSSL 1.0.2k 26 Jan 2017)

Thanks

pop3 smtp tls

Created on Feb 18, 2021 2:07:12 PM

Last change on Feb 18, 2021 3:32:12 PM by Felix Wiesneth [Paessler Support]



2 Replies

Votes:

0

Hello, you can go to the sensor settings page, Select if you want to enforce transport-level security for the connection. PRTG tries to establish a secure connection using the strongest SSL/TLS method provided by the server. In the security connection settings you see different options.

- Select if you want to enforce transport-level security for the connection. PRTG tries to establish a secure connection using the strongest SSL/TLS method provided by the server.

- If you enforce transport-level-security, the sensor shows the Down status if the target server does not support SSL/TLS.

- Using StartTLS, the sensor sends a command to negotiate a secure connection after an unsecure connection has been established.

Created on Feb 23, 2021 8:48:33 PM by Jonathan Mena [Paessler Technical Support]



Votes:

0

It seems that Prtg is now connecting with TLS 1.2 without any change of software version, so it has been a false alarm.

Created on Feb 23, 2021 10:56:25 PM




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.