Re: [SA-list] SSL handshake failed - custom https application
Dirk, Thank you for the suggestion, I went with TLS 1.0. I was able to get an 'A' rating from the DigiCert inspector using TLS 1.0 and 1.2, I think due to using a restricted list of ciphers with OpenSSL 1.0.2 in my own application. It's all working perfectly now. Best, Ann On 3/16/2015 8:45 AM, dirk wrote: Ann, why not enable TLS 1.0, that should work fine and doesn't have the Poodle issue (as SSL 3.0 has) dirk On 2015-03-16 03:35, Ann Lynnworth wrote: Dirk, This is resolved. By enabling SSL 3.0 in my custom https application, I was able to get the SSL handshake from Servers Alive to succeed. TLS 1.1 did not work, FYI. I will send you a copy of the DigiCert analysis of the security, off-list. IE10 and IE11 still do not want to accept the page, so that is still a mystery but definitely not your problem. (Nor mine, since I don't actually use those browsers.) Best, Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
Re: [SA-list] SSL handshake failed - custom https application
Dirk, I will certainly try re-enabling TLS 1.1 and/or SSL 3 and see whether that solves it for the time being. I had disallowed the other protocols after the heartbleed alerts came out. Reference, for example, https://www.digicert.com/heartbleed-bug-vulnerability.htm Thank you very much for the clear answer on this one, at least now I know what I am dealing with. This does strongly imply that IE10 and IE11 do not implement TLS 1.2 either, which is contrary to the implication of the [x] tick they offer under options. (!!) Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
Re: [SA-list] SSL handshake failed - custom https application
Dirk, This is resolved. By enabling SSL 3.0 in my custom https application, I was able to get the SSL handshake from Servers Alive to succeed. TLS 1.1 did not work, FYI. I will send you a copy of the DigiCert analysis of the security, off-list. IE10 and IE11 still do not want to accept the page, so that is still a mystery but definitely not your problem. (Nor mine, since I don't actually use those browsers.) Best, Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
Re: [SA-list] SSL handshake failed - custom https application
Hi Dirk, Thank you - this is not an emergency but I definitely look forward to some new clues. Murphy's Law: that demo server is offline for a while. Here is a second URL with the same issue: https://db.demos.href.com:8057/ Best, Ann On 3/14/2015 10:50 AM, dirk wrote: Hi Ann, Nice long write up :-) I can't open the URL in IE and I get the error in Servers Alive as you described. I'm now checking with the developper of the HTTPS checking component what can be the reason and what can be done about it. I'll keep you (as always) updated on this. Dirk; -Original Message- From: Servers Alive Discussion List [mailto:salive@woodstone.nu] On Behalf Of Ann Lynnworth Sent: Saturday, March 14, 2015 9:51 AM To: Servers Alive Discussion List Subject: [SA-list] SSL handshake failed - custom https application I'm having a problem trying to make an SSL connection from Servers Alive to my self-made https application using a self-made certificate generated by openssl. The https url works fine from Google Chrome and Firefox as long as I install the root certificate on the client machine (for chrome) or into the browser (for firefox). No matter what I do, I cannot get IE10 or IE11 to visit the site. (Note: Same https web application installed on various machines and Windows versions all give the same result.) I guess that SAlive uses the same Windows OS core components as Internet Explorer, and therefore SAlive refuses to do the SSL handshake. Is that basically accurate? I have reviewed http://support.microsoft.com/en-us/kb/2661254 in great detail. My root cert and my web site cert both use 2048 bits. Many web sites indicate that IE and Chrome use the same crypto logic, but that has not been my experience at all. Chrome responds immediately once the root cert is trusted - no reboot required. IE never progresses. I have tested my cert from as many angles as possible, including using the DigiCert inspector, from which it receives an A rating. And I have tried enabling all the old insecure SSL 2, 3, plus TLS 1, 1.1, 1.2 options in Internet Explorer options under Advanced Security, and none of that makes any difference. By now I hope you are curious enough to test a link and tell me whether you can get it to open in IE10, IE11 and/or Servers Alive! https://lite.demos.href.com:8453/ (( This link is active now and will be for a little while; apologies to future readers, it probably will not stay open once this conversation ends. )) I am quite willing to have the root certificate trusted on the machine that runs Servers Alive (and it is, as evidenced by Chrome being able to open the page). I have also tried the advice on http://netsekure.org/2011/04/automatic-ca-root-certificate-updates-on-window s/ about disabling the auto update of the root list; that did not help. Just in case I was misreading the '2048' in the public key details, I tried the advice of logging details about 1024bit certificates (from the answer on https://social.technet.microsoft.com/Forums/windows/en-US/2719388a-840a-492c -a509-42804860ee9a/unable-to-open-https-site-with-not-trusted-certificate-on -ie10?forum=w8itprogeneral ) and nothing gets logged when I use the web page from Chrome or Firefox or IE. Thank you for reading and especially for any solution. Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
[SA-list] SSL handshake failed - custom https application
I'm having a problem trying to make an SSL connection from Servers Alive to my self-made https application using a self-made certificate generated by openssl. The https url works fine from Google Chrome and Firefox as long as I install the root certificate on the client machine (for chrome) or into the browser (for firefox). No matter what I do, I cannot get IE10 or IE11 to visit the site. (Note: Same https web application installed on various machines and Windows versions all give the same result.) I guess that SAlive uses the same Windows OS core components as Internet Explorer, and therefore SAlive refuses to do the SSL handshake. Is that basically accurate? I have reviewed http://support.microsoft.com/en-us/kb/2661254 in great detail. My root cert and my web site cert both use 2048 bits. Many web sites indicate that IE and Chrome use the same crypto logic, but that has not been my experience at all. Chrome responds immediately once the root cert is trusted - no reboot required. IE never progresses. I have tested my cert from as many angles as possible, including using the DigiCert inspector, from which it receives an A rating. And I have tried enabling all the old insecure SSL 2, 3, plus TLS 1, 1.1, 1.2 options in Internet Explorer options under Advanced Security, and none of that makes any difference. By now I hope you are curious enough to test a link and tell me whether you can get it to open in IE10, IE11 and/or Servers Alive! https://lite.demos.href.com:8453/ (( This link is active now and will be for a little while; apologies to future readers, it probably will not stay open once this conversation ends. )) I am quite willing to have the root certificate trusted on the machine that runs Servers Alive (and it is, as evidenced by Chrome being able to open the page). I have also tried the advice on http://netsekure.org/2011/04/automatic-ca-root-certificate-updates-on-windows/ about disabling the auto update of the root list; that did not help. Just in case I was misreading the '2048' in the public key details, I tried the advice of logging details about 1024bit certificates (from the answer on https://social.technet.microsoft.com/Forums/windows/en-US/2719388a-840a-492c-a509-42804860ee9a/unable-to-open-https-site-with-not-trusted-certificate-on-ie10?forum=w8itprogeneral ) and nothing gets logged when I use the web page from Chrome or Firefox or IE. Thank you for reading and especially for any solution. Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
[SA-list] https cert expired - unable to clear message
Hi, A few hours ago, Servers Alive correctly picked up on the fact that an intermediate certificates involved on one of my servers had expired. I fixed the problem on the server in question, and now ... Servers Alive insists that the problem remains. I have checked the certificate using Firefox (view the certificate and look at the details), DigiCert utility (https://www.digicert.com/util/ (https://www.digicert.com/util/)), and with https://www.sslshopper.com/ssl-checker.html (https://www.sslshopper.com/ssl-checker.html). All report zero problems now. I have rebooted the machine running Servers Alive, and that did not help. How can I clear the old certificate out of the Servers Alive cache of certificates ?? Thanks, Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
[SA-list] SSL 3.0 gone; TLS 1.2 ??
Hi, I have a problem checking https sites since I removed SSL 3.0 support on the sites being checked. I am using Servers Alive v7.2.2631 on Win2012 server. Testing the same URL in Internet Explorer on Win2012 gives a normal web page, no errors about the certificate or anything. Same problem when running Servers Alive on Win2003 server. I disabled SSL 3 because of Poodle per the notes on https://www.digicert.com/ssl-support/iis-disabling-ssl-v3.htm Sometimes Servers Alive reports an issue with the SSL handshake (e.g. 1st test). Sometimes it says that the connection has been aborted by the network or intermediate services (e.g. subsequent tests). I guess Servers Alive would have to connect with TLS 1.2. -Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
Re: [SA-list] The nexy version(s)....your vision
One feature I would really use is the ability to search within the tree to quickly locate an item. Find, Find next match. In terms of reporting, it would be wonderful to offer sliced views of the data on separate URLs. For example, say I monitor 50 things but I have one customer interested in watching just 15 of them, and s/he has no business looking at the other items. It would be nice to show that person the status report for those selected 15 items.  It doesn't have to be high security with login, it could just be unique URLs reporting on a set of checks. Best, Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
[SA-list] save/restore setup
Is there any way to save (export, backup) the overall Servers Alive setup to transfer to another machine? Registry settings somewhere? Files to transfer? Thank you. Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
Re: [SA-list] https
Hi, I am running Servers Alive v7.0.2565. I recently changed (hardened) the SSL situation on my Windows servers, based on recommendations from DigiCert (www.digicert.com) (they provide a free testing utility for their customers, and it reports on all SSL vulnerabilities for desired URLs+ports). I used these two steps to bring up the compliance: http://support.microsoft.com/kb/980436, setting AllowInsecureRenegoClients and AllowInsecureRenegoServers to DWORD 0. https://www.nartac.com/Products/IISCrypto/Default.aspx - download utility, run it using the [Best Practices] feature. Reboot. After doing those steps, all my Servers Alive HTTPS tests failed. The error status info says SSL Handshake failed. Some of my test URLs work on both https and http, and if I use http, the Servers Alive tests work fine. The problem is limited to https requests. Do I need to upgrade Servers Alive to use newer SSL 3.0/TLS 1.2? Or is there a way that I can get Servers Alive to use more secure protocols and/or ciphers? Here is a sample test URL: https://www.href.com/favicon.ico Thank you very much. Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
Re: [SA-list] only one instance
Ok, thanks for considering. I don't have any way to run a task before connecting; at least, no way that is easier than clicking an [ok] button once. One day I will move salive to a newer OS and/or a server that does not use VNC. I can easily live with this until then. I think you'd need an expert on the quirks of VNC on Win2003 to make a really good guess about the real story here. Have a good weekend and thanks for a super product, I am 99.9% happy with it ! Ann On 06/07/2013 5:00 AM, Dirk Bulinckx wrote: The only work-around I can currently see, is that before restarting the GUI, is that you kill the running instance (if there is one running). As for the reason why you get this I have no clue :-( Dirk Bulinckx Servers Alive - http://www.woodstone.nu StellarDNS (DNS Hosting) - http://www.stellardns.com -Original Message- From: Servers Alive Discussion List [mailto:salive@woodstone.nu] On Behalf Of Ann Lynnworth Sent: Friday, June 07, 2013 1:46 AM To: Servers Alive Discussion List Subject: Re: [SA-list] only one instance Hi Dirk, Yes, with VNC you get the real desktop, unlike with Remote Desktop where you get a terminal server session. If I reconnect to the server within a short amount of time, there is only 1 process and there is no pop-up message. If I go to the server after a long time, say 6+ hours, then the pop-up appears and yes, there are 2 processes running. As soon as I say [ok] to the dialog, the 2nd process goes away. Ann On 06/06/2013 7:00 AM, Dirk Bulinckx wrote: Hi Ann, when you login using TightVNC do you get the real desktop as if you would login directly on the system or does it give you a virtual desktop (like a Remote Desktop connection would give you)? Also if you look at the taskmanager is the serversalive.exe process running when yuo get that error? And if so how many times? dirk On Thu, 06 Jun 2013 00:45:42 +0200, Ann Lynnworth wrote: On a server where I use VNC to manage the machine, I see this message almost each time I connect: You can only have one instance of Servers Alive running! [ok] I have SA configured to run as a Windows service. No other applications appear to try to start just because I connect to the machine. I would not say this is a huge problem, it's just annoying and I guess it is particular to VNC usage, so maybe you (Dirk) were not aware it was happening. I'm using TightVNC service 1.3.10 from 2009. Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
Re: [SA-list] only one instance
Hi Jason, Yeah, the servers are thousands of miles away from me right now, but I'm sure the 2nd instance is running when this happens. I just verified that with SysInternals process viewer. Tiny snapshot is here now: http://screenshots.href.com/woodstone/snapServersAlive-v7-running2x.png (http://screenshots.href.com/woodstone/snapServersAlive-v7-running2x.png) The 2nd column is PID and the 3rd column is an indication of how long the process has been running.  When I click [ok] on the dialog, the longer-running instance stays and the other one disappears. I do not use a 2nd instance to monitor the first.  I keep an eye on the salive web report almost constantly. I have not had any stability problems with salive itself in many months. I'm running v7.0.2565 as-service on Win2003. I used to have a lot of crashes with v6 when I ran as-app. I now suspect that whatever is triggering this 2nd instance is the same thing that was triggering the problems that I saw with v6. Ann On 06/06/2013 4:00 AM, Jason Passow wrote: We use VNC to connect to a machine running Salive as an app now.  We use to use it to connect as a service until our move to Server 2008.   I have never experienced the only one instance problem due to VNC.  I am wondering if you were to physically go to the console screen if you would also see it there. Do you have a second Salive instance monitoring the first?  If so does it have an alert for auto-recovery to start the Salive service?  If so I would bet that the issue is there.   This happens occasionally to us when Salive gets hung and our monitoring instance kills and restarts the main instance.   Jason Passow Network Administrator Mississippi Welders Supply http://www.mwsco.com (http://www.mwsco.com) jas...@mwsco.com (mailto:jas...@mwsco.com) ph: (507) 494-5178 fax: (507) 454-8104 From: Ann Lynnworth [mailto:a...@href.com (mailto:a...@href.com)] To: Servers Alive Discussion List [mailto:salive@woodstone.nu (mailto:salive@woodstone.nu)] Sent: Wed, 05 Jun 2013 22:00:20 -0600 Subject: Re: [SA-list] only one instance I don't quite follow your advice yet. By you will need to use the remote, do you mean Remote Desktop? Or a remote mode of Servers Alive itself? With VNC, there is a just a single shared Windows account in play. Using VNC is like connecting to the console session with Microsoft Remote Desktop. Ann On 06/06/2013 12:15 AM, Goggins, Patrick wrote: You will need to use the remote. I've since stopped using the service and have the monitoring VM startup, auto-login, and auto-start interactively SA. Then whenever we need access a single shared account is used. ~Patrick -Original Message- From: Servers Alive Discussion List [mailto:salive@woodstone.nu (mailto:salive@woodstone.nu)] On Behalf Of Ann Lynnworth Sent: Wednesday, June 05, 2013 5:46 PM To: Servers Alive Discussion List Subject: [SA-list] only one instance On a server where I use VNC to manage the machine, I see this message almost each time I connect: You can only have one instance of Servers Alive running! [ok] I have SA configured to run as a Windows service. No other applications appear to try to start just because I connect to the machine. I would not say this is a huge problem, it's just annoying and I guess it is particular to VNC usage, so maybe you (Dirk) were not aware it was happening. I'm using TightVNC service 1.3.10 from 2009. Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu (mailto:salive@woodstone.nu) If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu (mailto:salive@woodstone.nu) If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu (mailto:salive@woodstone.nu) If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu (mailto:salive@woodstone.nu) If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use
[SA-list] only one instance
On a server where I use VNC to manage the machine, I see this message almost each time I connect: You can only have one instance of Servers Alive running! [ok] I have SA configured to run as a Windows service. No other applications appear to try to start just because I connect to the machine. I would not say this is a huge problem, it's just annoying and I guess it is particular to VNC usage, so maybe you (Dirk) were not aware it was happening. I'm using TightVNC service 1.3.10 from 2009. Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
Re: [SA-list] only one instance
I don't quite follow your advice yet. By you will need to use the remote, do you mean Remote Desktop? Or a remote mode of Servers Alive itself? With VNC, there is a just a single shared Windows account in play. Using VNC is like connecting to the console session with Microsoft Remote Desktop. Ann On 06/06/2013 12:15 AM, Goggins, Patrick wrote: You will need to use the remote. I've since stopped using the service and have the monitoring VM startup, auto-login, and auto-start interactively SA. Then whenever we need access a single shared account is used. ~Patrick -Original Message- From: Servers Alive Discussion List [mailto:salive@woodstone.nu] On Behalf Of Ann Lynnworth Sent: Wednesday, June 05, 2013 5:46 PM To: Servers Alive Discussion List Subject: [SA-list] only one instance On a server where I use VNC to manage the machine, I see this message almost each time I connect: You can only have one instance of Servers Alive running! [ok] I have SA configured to run as a Windows service. No other applications appear to try to start just because I connect to the machine. I would not say this is a huge problem, it's just annoying and I guess it is particular to VNC usage, so maybe you (Dirk) were not aware it was happening. I'm using TightVNC service 1.3.10 from 2009. Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
Re: [SA-list] SMTP configuration for multiple recipients; 302 redirect loop
Dirk, Thank you very much for the full explanation about the email recipient list. My errors with google were intermittent. Some messages went through and others did not. Under Setup, I have ticked the box for separating the messages by recipient. So it seems likely that now they will all go through. About the 302 issue, yes, the timeout was definitely longer than the time it took to get the 302 response, say 25ms versus probably 4ms. I am downloading the latest beta and will put that in place. Great support g. Ann On 05/15/2013 5:16 AM, Dirk Bulinckx wrote: By default a mail is send as ONE mail TO severl addresses. There is however in the SETUP-ALERTS-SMTP-PRIMARY (and ALTERNATE) an option to send multiple mails to multiple addresses, meaning the mails are send to each person individualy. You need to separate the addresses (might it be direct addresses or people or teams) by comma's. The way the alert is send is not different if you use a team/person/direct-address. Using PEOPLE and TEAMS has other reasons. About the 302 issue...the way the timeout works in an HTTP check (and that would be a way to get out of that loop) is that IF there is more then timemout time between the different results received from the server then we get the timeout else we just follow the redirects and could indeed get into a loop. Dirk Bulinckx Servers Alive - http://www.woodstone.nu StellarDNS (DNS Hosting) - http://www.stellardns.com -Original Message- From: Servers Alive Discussion List [mailto:salive@woodstone.nu] On Behalf Of Ann Lynnworth Sent: Wednesday, May 15, 2013 2:16 AM To: Servers Alive Discussion List Subject: [SA-list] SMTP configuration for multiple recipients; 302 redirect loop Hi, Main question: Could you clarify the syntax for sending one email message to multiple recipients? In particular, is the required separator a comma? Is semi-colon allowed or only comma? Are plain-text recipients such as ga...@msn.com,bi...@msn.com allowed or is it necessary to combine person or team references? Does the use of plain-text email addresses versus person relate in any way to the way the To: and/or Cc: mail headers are generated? The reason I ask is that I have been having trouble queuing emails to multiple recipients whose domains are hosted with gmail. Here is an example error as reported back to me from the ISP (Sonic.net) sitting between my Servers Alive machine and google: May 14 15:09:18 b.mail.sonic.net sm-mta[6727]: r4EM9HlP006714: to=s...@snip.com, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=180533, relay=aspmx.l.google.com. [74.125.141.27], dsn=4.3.0, stat=Deferred: 451-4.3.0 Multiple destination domains per transaction is unsupported. My email message configuration includes 3 parties, of which 2 are on the same domain, e.g. snip.com in the text above. I had to change the domain name for privacy reasons but otherwise that error message is exact. This rule about multiple destination domains seems to be a new rule from gmail since maybe May 2012. ( https://productforums.google.com/forum/?fromgroups=#!topic/gmail/qQ3vDWouukk ) I only ran into it now because of the need to alert two mailboxes at the same domain. The reason I'm asking about the syntax is because I'm wondering whether there is any way that I can control the number of separate To: or Cc: headers generated, or whether I really have to create separate alerts when there need to be multiple recipients at the same google-hosted domain. Fyi: Yesterday I ran into an unrelated problem which essentially hung Servers Alive - rendered it unable to check every URL in its list. That was: multiple checks running into repeat 302 bounce loops - bouncing back to the same URL that it was trying to test. This was essentially a problem that happened on multiple servers, multiple sites, all at once. However I wanted to let you know the SA did not really recover. I tried stopping and starting the service, and rebooting the whole machine, and none of that helped. S.A. would get through a few requests but literally got stuck, leaving the majority of the URLs unchecked since... 4 hours time. Eventually I realized the root cause, fixed the 302 problem, and then of course SA worked as per normal. Best, Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. . To unsubscribe send a message with UNSUBSCRIBE
[SA-list] SMTP configuration for multiple recipients; 302 redirect loop
Hi, Main question: Could you clarify the syntax for sending one email message to multiple recipients? In particular, is the required separator a comma? Is semi-colon allowed or only comma? Are plain-text recipients such as ga...@msn.com,bi...@msn.com allowed or is it necessary to combine person or team references? Does the use of plain-text email addresses versus person relate in any way to the way the To: and/or Cc: mail headers are generated? The reason I ask is that I have been having trouble queuing emails to multiple recipients whose domains are hosted with gmail. Here is an example error as reported back to me from the ISP (Sonic.net) sitting between my Servers Alive machine and google: May 14 15:09:18 b.mail.sonic.net sm-mta[6727]: r4EM9HlP006714: to=s...@snip.com, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=180533, relay=aspmx.l.google.com. [74.125.141.27], dsn=4.3.0, stat=Deferred: 451-4.3.0 Multiple destination domains per transaction is unsupported. My email message configuration includes 3 parties, of which 2 are on the same domain, e.g. snip.com in the text above. I had to change the domain name for privacy reasons but otherwise that error message is exact. This rule about multiple destination domains seems to be a new rule from gmail since maybe May 2012. ( https://productforums.google.com/forum/?fromgroups=#!topic/gmail/qQ3vDWouukk ) I only ran into it now because of the need to alert two mailboxes at the same domain. The reason I'm asking about the syntax is because I'm wondering whether there is any way that I can control the number of separate To: or Cc: headers generated, or whether I really have to create separate alerts when there need to be multiple recipients at the same google-hosted domain. Fyi: Yesterday I ran into an unrelated problem which essentially hung Servers Alive - rendered it unable to check every URL in its list. That was: multiple checks running into repeat 302 bounce loops - bouncing back to the same URL that it was trying to test. This was essentially a problem that happened on multiple servers, multiple sites, all at once. However I wanted to let you know the SA did not really recover. I tried stopping and starting the service, and rebooting the whole machine, and none of that helped. S.A. would get through a few requests but literally got stuck, leaving the majority of the URLs unchecked since... 4 hours time. Eventually I realized the root cause, fixed the 302 problem, and then of course SA worked as per normal. Best, Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
[SA-list] how to monitor Windows RDP
Hi, Just wondering how to configure ServersAlive to monitor for Windows Remote Desktop being alive well. It uses TCP port 3389 by default. Any specific advice? Should I check TCP with Port Connector on the particular port? Or is there a better way? I have salive version 7.0.2505 Thanks. Ann www.href.com To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
Re: [SA-list] how to monitor Windows RDP
Thanks for the replies. I looked a few times and could not find keyword 'RDP' listed under any choices in the software nor in the PDF user manual. I'm using the TCP port connection for now and that seems sufficient. I don't see how I could check the RDP Windows service per se, since the machine with RDP is a remote machine relative to where salive runs. Ann To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
