We have an aging HP Proliant ML350 G6, Server 2008 R2, running ILO 2, and the System Management Homepage is using SNMP as its data source.
This is a barebones server install, hosting our virtual servers on Hyper-V VMs.
I want to receive email notification of bad things like hard drive failure.
We use Office 365, we don't have an onsight email server.
In HP's Event Notifier Configuration Wizard, I can specify the SMTP server to use (smtp.office365.com), but I cannot specify TLS or port number. Office 365 won't let me send without TLS and port number.
HP's first recommendation is to enable SMTP service on our server, configure it in IIS, etc. However, this being a barebones install, I am very hesitant to open up any unnecessary vulnerabilities. Is this a good idea, and just requires vigilantly keeping up with patches?
I've seen recommendations for installing an STMP proxy, but I'm also hesitant to install any 3rd party on this server.
Is there another way, in which I don't have to turn my server into an email server? I'd think I'm not the only one in this situation.
Many thanks!
Matthew
Best Answer
Couple things to consider:
You can install an SMTP relay on your server and not open it to the world, just firewall the port or even lock it down to 127.0.0.1. So in theory the security of your machine should be moderately compromised at most.
Another approach might be to basically replace or supplement the management application with something that does do both SNMP polling and can use SMTP/TLS email service for alerting. So something like this, maybe: http://www.trapreceiver.com/