Re: [Fail2ban-users] configure fail2ban to use postfix for outgoing emails

[Aristos Vasiliou]

1)      I left sendmail there because as already mentioned in my previous 
email, it works, apparently as an alias to postfix



2)      I only configured postfix. Obviously mail, mailx & sendmail, all use 
the postfix configuration.



2a) I did not install sendmail. In my second email I actually mentioned that I 
had to disable it, so postfix can use port 25 to send out emails



2b) see 2a



3c) sendmail is using postfix, and postfix is configured to use gmail smtp, and 
as already proven, it can send emails



In any case, I changed the mta to mail, restarted fail2ban and it still doesn’t 
sent emails out. So this whole discussion is moot. The problem lies elsewhere.



From: Jonathan Kamens [mailto:j...@kamens.us]
Sent: Thursday, August 2, 2018 4:06 PM
To: Aristos Vasiliou <aris...@aristos.net>; René Berber 
<rber...@cactus-soft.org>; fail2ban-users@lists.sourceforge.net
Subject: Re: [Fail2ban-users] configure fail2ban to use postfix for outgoing 
emails


1) I already told you in my previous message to use "mta=mail" rather than 
"mta=sendmail", so I don't know why you're continuing to use "mta=sendmail".

2) As René pointed out, you said in your first message that you were using 
Postfix, but the log messages below are from Sendmail, not Postfix. So what's 
probably happening here is the following:

a) You installed Postfix and Sendmail together when you shouldn't have.

b) Because you installed Sendmail, the "sendmail" binary is no longer linked to 
Postfix, it's linked to Sendmail.

c) The "sendmail" binary, which fail2ban is trying to use because you don't 
have "mta" set properly to what I told you to set it to, is trying to connect 
to Sendmail's "submission" port, i.e., port 587, because that's the default 
configuration for Sendmail when it's called as an MUA, but Postfix doesn't 
listen on port 587.

So you need to change fail2ban's configuration to "mta=mail" and uninstall 
Sendmail.

  Jonathan Kamens
On 8/2/18 7:27 AM, Aristos Vasiliou wrote:

Ok bear with me please, I'm still struggling to understand the logic.

So I figured out the email issue.



All three commands below can sent out email, no problem there.

echo "test mail" | mail -s subject 
aris...@aristos.net<mailto:aris...@aristos.net>

echo "test mailx" | mailx -s "subject" 
aris...@aristos.net<mailto:aris...@aristos.net>

echo "Subject: test sendmail" | sendmail -v 
aris...@aristos.net<mailto:aris...@aristos.net>



My /etc/fail2ban/jail.local configuration is as follows

destemail = aris...@aristos.net<mailto:aris...@aristos.net>

sender = root@localhost

mta = sendmail

[sshd]

enabled = true

action = %(action_mw)s

port    = ssh

logpath = %(sshd_log)s

backend = %(sshd_backend)s



When the fail2ban service starts I get this

Aug 02 14:24:12 freepbx systemd[1]: Starting Fail2Ban Service...

Aug 02 14:24:12 freepbx systemd[1]: Started Fail2Ban Service.

Aug 02 14:24:13 freepbx fail2ban-server[3805]: Server ready

Aug 02 14:24:13 freepbx sendmail[3820]: w72BODCj003820: from=root@localhost, 
size=225, class=0, nrcpts=1, 
msgid=<201808021124.w72BODCj003820@localhost4.localdomain4><mailto:201808021124.w72BODCj003820@localhost4.localdomain4>,
 relay=root@localhost

Aug 02 14:24:13 freepbx sendmail[3820]: w72BODCj003820: 
to=aris...@aristos.net<mailto:to=aris...@aristos.net>, ctladdr=root@localhost 
(0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30225, 
relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by 
[127.0.0.1]



When fail2ban bans an ip, /var/log/maillog shows me this

Aug  2 14:15:24 localhost sendmail[3409]: w72BFOZM003409: from=root@localhost, 
size=352, class=0, nrcpts=1, 
msgid=<201808021115.w72BFOZM003409@localhost4.localdomain4><mailto:201808021115.w72BFOZM003409@localhost4.localdomain4>,
 relay=root@localhost

Aug  2 14:15:24 localhost sendmail[3409]: w72BFOZM003409: 
to=aris...@aristos.net<mailto:to=aris...@aristos.net>, ctladdr=root@localhost 
(0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30352, 
relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by 
[127.0.0.1]



Any guesses on what I could be doing wrong here?



Thanks.



-----Original Message-----
From: René Berber [mailto:rber...@cactus-soft.org]
Sent: Wednesday, August 1, 2018 7:38 PM
To: 
fail2ban-users@lists.sourceforge.net<mailto:fail2ban-users@lists.sourceforge.net>
Subject: Re: [Fail2ban-users] configure fail2ban to use postfix for outgoing 
emails



On 8/1/2018 11:03 AM, Aristos Vasiliou wrote:

> - Centos will not allow me to run sendmail and postfix at the same time. I 
> get an error in the logs saying that port 25 is already in use when both 
> programs are running. This is why I disabled sendmail, so postfix can send 
> out emails.



You don't run sendmail, sendmail is an alias (a command named sendmail that is 
actually a link to postfix) installed by postfix.



> - To clarify, do I need to add " action = %(action_mw)s" in my 
> /etc/fail2ban/jail.local file?



Yes.  It doesn't have to be that one exactly, any action that includes sending 
mail will do.

--

René Berber





------------------------------------------------------------------------------

Check out the vibrant tech community on one of the world's most

engaging tech sites, Slashdot.org! http://sdm.link/slashdot



_______________________________________________

Fail2ban-users mailing list

Fail2ban-users@lists.sourceforge.net<mailto:Fail2ban-users@lists.sourceforge.net>

https://lists.sourceforge.net/lists/listinfo/fail2ban-users

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users