* Aristos Vasiliou <[email protected]> [08-02-18 10:06]: > 1) I left sendmail there because as already mentioned in my previous > email, it works, apparently as an alias to postfix > > > > 2) I only configured postfix. Obviously mail, mailx & sendmail, all use > the postfix configuration. > > > > 2a) I did not install sendmail. In my second email I actually mentioned that > I had to disable it, so postfix can use port 25 to send out emails
if you did not install sendmail, what did you disable. postfix will not send mail w/o the "sendmail" stub that postfix includes. > 3c) sendmail is using postfix, and postfix is configured to use gmail smtp, > and as already proven, it can send emails sendmail, the package, does not use postfix, AT ALL! > In any case, I changed the mta to mail, restarted fail2ban and it still > doesn’t sent emails out. So this whole discussion is moot. The problem lies > elsewhere. you are sadly disillusioned. or there is apbkac > From: Jonathan Kamens [mailto:[email protected]] > Sent: Thursday, August 2, 2018 4:06 PM > To: Aristos Vasiliou <[email protected]>; René Berber > <[email protected]>; [email protected] > Subject: Re: [Fail2ban-users] configure fail2ban to use postfix for outgoing > emails > > > 1) I already told you in my previous message to use "mta=mail" rather than > "mta=sendmail", so I don't know why you're continuing to use "mta=sendmail". > > 2) As René pointed out, you said in your first message that you were using > Postfix, but the log messages below are from Sendmail, not Postfix. So what's > probably happening here is the following: > > a) You installed Postfix and Sendmail together when you shouldn't have. > > b) Because you installed Sendmail, the "sendmail" binary is no longer linked > to Postfix, it's linked to Sendmail. > > c) The "sendmail" binary, which fail2ban is trying to use because you don't > have "mta" set properly to what I told you to set it to, is trying to connect > to Sendmail's "submission" port, i.e., port 587, because that's the default > configuration for Sendmail when it's called as an MUA, but Postfix doesn't > listen on port 587. > > So you need to change fail2ban's configuration to "mta=mail" and uninstall > Sendmail. > > Jonathan Kamens > On 8/2/18 7:27 AM, Aristos Vasiliou wrote: > > Ok bear with me please, I'm still struggling to understand the logic. > > So I figured out the email issue. > > > > All three commands below can sent out email, no problem there. > > echo "test mail" | mail -s subject > [email protected]<mailto:[email protected]> > > echo "test mailx" | mailx -s "subject" > [email protected]<mailto:[email protected]> > > echo "Subject: test sendmail" | sendmail -v > [email protected]<mailto:[email protected]> > > > > My /etc/fail2ban/jail.local configuration is as follows > > destemail = [email protected]<mailto:[email protected]> > > sender = root@localhost > > mta = sendmail > > [sshd] > > enabled = true > > action = %(action_mw)s > > port = ssh > > logpath = %(sshd_log)s > > backend = %(sshd_backend)s > > > > When the fail2ban service starts I get this > > Aug 02 14:24:12 freepbx systemd[1]: Starting Fail2Ban Service... > > Aug 02 14:24:12 freepbx systemd[1]: Started Fail2Ban Service. > > Aug 02 14:24:13 freepbx fail2ban-server[3805]: Server ready > > Aug 02 14:24:13 freepbx sendmail[3820]: w72BODCj003820: from=root@localhost, > size=225, class=0, nrcpts=1, > msgid=<[email protected]><mailto:[email protected]>, > relay=root@localhost > > Aug 02 14:24:13 freepbx sendmail[3820]: w72BODCj003820: > [email protected]<mailto:[email protected]>, ctladdr=root@localhost > (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30225, > relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused > by [127.0.0.1] > > > > When fail2ban bans an ip, /var/log/maillog shows me this > > Aug 2 14:15:24 localhost sendmail[3409]: w72BFOZM003409: > from=root@localhost, size=352, class=0, nrcpts=1, > msgid=<[email protected]><mailto:[email protected]>, > relay=root@localhost > > Aug 2 14:15:24 localhost sendmail[3409]: w72BFOZM003409: > [email protected]<mailto:[email protected]>, ctladdr=root@localhost > (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30352, > relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused > by [127.0.0.1] > > > > Any guesses on what I could be doing wrong here? > > > > Thanks. > > > > -----Original Message----- > From: René Berber [mailto:[email protected]] > Sent: Wednesday, August 1, 2018 7:38 PM > To: > [email protected]<mailto:[email protected]> > Subject: Re: [Fail2ban-users] configure fail2ban to use postfix for outgoing > emails > > > > On 8/1/2018 11:03 AM, Aristos Vasiliou wrote: > > > - Centos will not allow me to run sendmail and postfix at the same time. I > > get an error in the logs saying that port 25 is already in use when both > > programs are running. This is why I disabled sendmail, so postfix can send > > out emails. > > > > You don't run sendmail, sendmail is an alias (a command named sendmail that > is actually a link to postfix) installed by postfix. > > > > > - To clarify, do I need to add " action = %(action_mw)s" in my > > /etc/fail2ban/jail.local file? > > > > Yes. It doesn't have to be that one exactly, any action that includes > sending mail will do. > > -- > > René Berber > > > > > > ------------------------------------------------------------------------------ > > Check out the vibrant tech community on one of the world's most > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > > _______________________________________________ > > Fail2ban-users mailing list > > [email protected]<mailto:[email protected]> > > https://lists.sourceforge.net/lists/listinfo/fail2ban-users > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Fail2ban-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/fail2ban-users your quoting method really needs some examination. top post, long lines, old sigs and I didn't bother to correct any of it. -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri Registered Linux User #207535 @ http://linuxcounter.net Photos: http://wahoo.no-ip.org/piwigo paka @ IRCnet freenode ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
