The logs do show that it is attempting to send mail to the correct email
address as defined in the config.
[03:23:06] Info: Emailing warnings to 'admin@*******.co.uk' using
command '/bin/mail -s "[rkhunter] Warnings found for ${HOST_NAME}"'
[03:23:45] /bin/mail [ OK ]
[03:23:51] /bin/mailx [ OK ]
[03:25:23] Checking for file '/tmp/.sendmail' [ Not found ]
[03:25:28] Checking for string 'sendmail' [ Not found ]
[03:25:49] Checking for string '/tmp/.sendmail' [ Not found ]
[root@ ~]# rpm -qa | grep -i sendmail
[root@ ~]# rpm -qa | grep -i postfix
[root@ ~]# rpm -qa | grep -i exim
exim-4.82-2.cp1136.x86_64
Would I be right in thinking rkhunter isn't somehow picking up the 'exim
version' of sendmail (/usr/sbin/sendmail) ?
Or what seems to be the issue?
Keith
On 09/12/13 13:20, John Horne wrote:
> On Mon, 2013-12-09 at 12:20 +0000, Admin wrote:
>> The address in the logs is to the root of our VPS
>> ([email protected]).
>> It's somehow getting the localhost root address from somewhere and
>> ignoring the address that is configured in /etc/rkhunter.conf .
>>
> The log file should say which configuration files it is using as well.
> Can you check that it is using the right ones, and perhaps grep all of
> those for MAIL_ON_WARNING as well (the option should be cumulative of
> email addresses, but without checking I cannot remember if this was
> actually done for the current rkhunter release. It might just be taking
> the last address it sees).
>
>
>
> John.
>
------------------------------------------------------------------------------
Sponsored by Intel(R) XDK
Develop, test and display web and hybrid apps with a single code base.
Download it for free now!
http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
_______________________________________________
Rkhunter-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
