Package: fail2ban Version: 0.6.1-11 Severity: minor The default configuration uses # Option: from # Notes.: e-mail address of the sender. # Values: MAIL Default: fail2ban # from = [EMAIL PROTECTED]
2 issues with this. First, fail2ban is not a user on the system. As a result, the mail may be rejected by sender verification. I see several possible approaches: a) change the sender to a real user, like root b) create a fail2ban user c) create some kind of alias so that fail2ban is acceptable d) document the current behavior and options for dealing with it e) decide that someone who is verifying senders on their own system is being perverse, and do nothing. However, note that such checks can prevent spoofing if users are not trusted, and that fail2ban email might go to some machine other than the one originating the message. Second, the use of @localhost seems like asking for trouble. If it's preserved, but the message is routed to another machine, this will be disorienting at best. I'm not even sure it's a legitmate domain for an email address. It may be that all MTA's will clean this up, but they would probably clean up an unqualified name (just fail2ban without @anything) as well. -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (990, 'stable'), (50, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.4.27advncdfs Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages fail2ban depends on: ii iptables 1.3.5.0debian1-1 Linux kernel 2.4+ iptables adminis ii lsb-base 3.1-15 Linux Standard Base 3.1 init scrip ii python 2.4.3-11 An interactive high-level object-o ii python-central 0.5.6 register and build utility for Pyt fail2ban recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
