My CentOS server has postfix as MTA and it’s working.
When I type the command mail -s "testing" <my gmail address>, I receive the email.
However, Fail2ban is unable to send emails to my gmail address when an IP gets banned. I’m probably missing some configuration in jail.conf.
Here is part of my jail.conf file:
destemail = myaddress#gmail.com
sendername = fail2ban
mta = sendmail
protocol = tcp
action = %(action_mwl)s
I already tried mta = postfix and it didn’t work.
Thanks in advance for your help.
EDIT: I was able to make it work. None of the configuration above is correct for my fail2ban v0.8.10 and my linux CentOS 6. In fact, I removed all the lines above (garbage).
I found a pre-defined action in /etc/fail2ban/action.d/mail.conf file.
I noticed this action uses "mail -s" command which works on my server.
So, I decided to use this action in my jail.conf file as such:
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
mail[name=ssh, dest=my-address#gmail.com]
logpath = /var/log/secure
maxretry = 5
The only thing that needs to be change to get an email from fail2ban is to add that line below “action” that starts with “mail.” Very simple and easy.
You should change mta = sendmail to:
mta = mail
if you want email notifications with whois i found this solution
[sshd]
enabled = true
logpath = %(sshd_log)s
action = iptables-ipset-proto6[name=ssh, port=ssh, protocol=tcp, bantime=0]
mail-whois[name=sshd, dest=my-email#something.com]
findtime = 3600
bantime = -1
maxretry = 3
All of the above did not work for me.
What worked for me was adding second line under action =....
to be:
sendmail[mailcmd='/usr/sbin/sendmail -f "<sender>" "<dest>"', dest="email#recipient.com", sender="fail2ban", sendername="Fail2Ban", name="jail_name"]
Note: You may do so for various jails.
Also note, that if you would like to get an email notification for ModSecurity, you can do so, by setting a Fail2Ban jail for ModSecurity, and then get the email notifications.
Related
Im trying to add custom headers to my Exim4 config for all my emails to show up in CloudWatch. To get it working i updated the config with below:
.ifdef DCconfig_smarthost DCconfig_satellite
# configtype=smarthost or configtype=satellite
#
# Send all non-local mail to a single other machine (smarthost).
#
# This means _ALL_ non-local mail goes to the smarthost. This will most
# probably not do what you want for domains that are listed in
# relay_domains. The most typical use for relay_domains is to control
# relaying for incoming e-mail on secondary MX hosts. In that case,
# it doesn't make sense to send the mail to the smarthost since the
# smarthost will probably send the message right back here, causing a
# loop.
#
# If you want to use a smarthost while being secondary MX for some
# domains, you'll need to copy the dnslookup_relay_to_domains router
# here so that mail to relay_domains is handled separately.
smarthost:
debug_print = "R: smarthost for $local_part#$domain"
driver = manualroute
headers_add = X-SES-CONFIGURATION-SET: CloudWatch
headers_add = X-SES-MESSAGE-TAGS: customer=senet, application=twentyfour
domains = ! +local_domains
transport = remote_smtp_smarthost
route_list = * DCsmarthost byname
host_find_failed = ignore
same_domain_copy_routing = yes
no_more
.endif
This actually works well where i updated the debug message on the router and while sending emails from the CLI that specific message was shown.
When i check the exim config exim -bP config i see that also there the info is set properly:
begin routers
smarthost:
debug_print = "R: smarthost for $local_part#$domain"
driver = manualroute
headers_add = X-SES-CONFIGURATION-SET: CloudWatch
headers_add = X-SES-MESSAGE-TAGS: customer=senet, application=twentyfour
domains = ! +local_domains
transport = remote_smtp_smarthost
route_list = * email-smtp.eu-central-1.amazonaws.com:587 byname
host_find_failed = ignore
same_domain_copy_routing = yes
no_more
COND_LOCAL_SUBMITTER = "${if match_ip{$sender_host_address}{:#[]}{1}{0}}"
The only problem is that i don't see any of these 2 headers in my actual email.
Thanks in advance,
Best,
Pim
OpenBsd 6.2 - pf
I'm trying to set up an smtp relay to gmail.
since my connections are ok, i thought "ok... add smtp"... Bin non ! :/
Everything works fine if I empty /etc/pf.conf (so gmail connector is ok, /etc/mail/smtpd.conf and secrets.db too).
# OpenBSD 6.2 : pf.conf,v 1.54
int_if = "alc0"
tcp_ok = "{domain,ssh,smtp,auth,ntp,https,mysql}"
udp_ok = "{domain,ntp}"
set skip on lo
block all
pass proto tcp to any port $tcp_ok keep state
pass proto udp to any port $udp_ok keep state
Can't figure out what is wrong adding smtp port knowing that everything is ok without this service.
Thanks.
Ok...
Re-examining the logs /var/log/maillog I saw :
[...]mta event=connecting address=tls://108.177.15.16:587
So
grep -w 587 /etc/services
to get...
submission 587/tcp ... # mail message submission
submission 587/udp ... # mail message submission
Updated :
tcp_ok = "{domain,ssh,smtp,submission,auth,ntp,https,mysql}"
udp_ok = "{domain,ntp,submission}"
Reloaded pf rules :
pfctl -f /etc/pf.conf
Ok... :D
I know there are plenty of questions out there with this but none seem to have an answer which works for me.
My application is ASP Classic, the server it is running on is Windows Server 2000 (very old I know), I am using an Office365 server and I'm using the information provided by the Office365 when I login to the email (Port 587, correct username and password, correct smtp server, TLS set to true).
I always get "CDO.Message.1 error '80040213' The transport failed to connect to the server." as an error message, the line it errors on is the .Send command.
Const cdoSendUsingMethod = "http://schemas.microsoft.com/cdo/configuration/sendusing"
Const cdoSendUsingPort = 2
Const cdoSMTPServer = "http://schemas.microsoft.com/cdo/configuration/smtpserver"
Const cdoSMTPServerPort = "http://schemas.microsoft.com/cdo/configuration/smtpserverport"
Const cdoSMTPConnectionTimeout = "http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout"
Const cdoSMTPAuthenticate = "http://schemas.microsoft.com/cdo/configuration/smtpauthenticate"
Const cdoBasic = 1
Const cdoSendUserName = "http://schemas.microsoft.com/cdo/configuration/sendusername"
Const cdoSendPassword = "http://schemas.microsoft.com/cdo/configuration/sendpassword"
'Use SSL for the connection (False or True)
Const cdoSendTLS = "http://schemas.microsoft.com/cdo/configuration/smtpusessl"
' create CDOSYS objects
Set objCDOSYSMail = Server.CreateObject("CDO.Message")
Set objCDOSYSCon = Server.CreateObject ("CDO.Configuration")
'Set our smtp server
objCDOSYSCon.Fields.Item(cdoSMTPServer) = "smtp.office365.com"
objCDOSYSCon.Fields.Item(cdoSMTPAuthenticate) = cdoBasic
objCDOSYSCon.Fields.Item(cdoSendUserName) = "my.email#email.com"
objCDOSYSCon.Fields.Item(cdoSendPassword) = "password"
'objCDOSYSCon.Fields.Item(cdoSMTPServerPort) = 587
objCDOSYSCon.Fields.Item(cdoSendUsingMethod) = cdoSendUsingPort
objCDOSYSCon.Fields.Item(cdoSendTLS) = True
objCDOSYSCon.Fields.Item(cdoSMTPConnectionTimeout) = 30
objCDOSYSCon.Fields.Update
'Use our new configurations for our mailer
Set objCDOSYSMail.Configuration = objCDOSYSCon
strSpecFile = Application("px683_network_downloads_specs") & strSpecFileName
objCDOSYSMail.From = "to.email#email.com"
objCDOSYSMail.To = "my.email#email.com"
objCDOSYSMail.Subject = "A subject"
objCDOSYSMail.HTMLBody = "Some text for the body"
'Normal level of importance
objCDOSYSMail.Send
set objCDOSYSMail = nothing
set objCDOSYSCon = nothing
I have tried with port 25 without any luck as well. If I use another email service which doesn't use SSL at all (local service, not Office365) I have no issue (I comment out usessl and change the port to 25). Additionally if I try to use a different email service which I have running flawlessly in an ASP.Net application I get the same issues, this other email service uses port 25 and SSL and is not an Office365 service.
I have had this issue before. Basically you're not being authenticated to use the mail transport on the server.
Either your SMTP server isn't allowed to send outbound mail (e.g. to stop mail relay), you're username and password are incorrect or the port you are using needs a higher security level to send the mail. In the later instance it could be that Office365 requires SSL auth...maybe worth looking there.
If all else fails you can try using a 3rd party provider. We use SendInBlue on their £4.35 package. You're allowed to send up to 40,000 emails through their system. We found that sending the mail to a 3rd party totally removes issues over server settings stopping the mail transport function. We use this for both Classic ASP and PHP sites now.
Hope that helps.
I was finally able to get this working by moving the application to a Windows Server 2012 machine. I had to jump through a couple of loops which come with moving something that old between servers but I was able to get it working.
I was only able to use Port 25, 587 doesn't work. Keep in mind I tried port 25 on the original server and that didn't work there either.
With Office 365 and CDO you have to use port 25, even if you're using authenication. Looking at your code I think the port is the only thing to change, but here's a tried and tested configuration.
Set iConfg = Server.CreateObject("CDO.Configuration")
Set Flds = iConfg.Fields
With Flds
.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "smtp.office365.com"
.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
.Item("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60
.Item("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 1
.Item("http://schemas.microsoft.com/cdo/configuration/smtpusessl") = true
.Item("http://schemas.microsoft.com/cdo/configuration/sendusername") = "myaccount#mydomain.com"
.Item("http://schemas.microsoft.com/cdo/configuration/sendpassword") = "mypassword"
.Update
End With
objMail.Configuration = iConfg
According to the many posts on the web, the error message
The message could not be sent to the smtp server. The transport error code was 0x80040217. The server response was not available
Basically means it doesn't authenticate because of a faulty user name/password
The problem I have is I run the mail server. I push emails on my .net websites fine, this issue only exists when using CDO
The email, username and password are correct, it's stored in plain text in the .asp file
Set MyMail = Server.CreateObject("CDO.Message")
Set MyConfig = Server.CreateObject ("CDO.Configuration")
'MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/sendusername") = "name#example.co.uk"
'MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/sendpassword") = "passwordIsHere"
MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "127.0.0.1" 'also tried with localhost, the actual IP of server and mail.example.co.uk (which is set up correctly)
MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 587 ' also tried 25
MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60
MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 1
MyConfig.Fields.Update
Any ideas why, on my W2012 server, I can run my asp.classic website, but cannot send the email?
The email account works fine when I send mail from MS outlook. The fault is only here, in the script.
So after a weird conversion in the comments
The issue is likely because (with correct syntax highlighting) the sendusername and sendpassword CDO.Configuration properties are commented out, so it is likely the mail server is failing to authenticate.
Just remove the comments and you should be good to go.
Set MyMail = Server.CreateObject("CDO.Message")
Set MyConfig = Server.CreateObject ("CDO.Configuration")
MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/sendusername") = "name#example.co.uk"
MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/sendpassword") = "passwordIsHere"
MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "127.0.0.1" 'also tried with localhost, the actual IP of server and mail.example.co.uk (which is set up correctly)
MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 587 ' also tried 25
MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60
MyConfig.Fields("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 1
MyConfig.Fields.Update
I am running a Centos 6 VPS and Plesk 11. I am sending a test campaign to my own address and to a fictitious nonsense address and I am receiving the email at my account but I am not receiving any bounces from the nonsense address. My settings in the config.php file are:
$message_envelope = 'bounces#mydomain.com';
$bounce_protocol = 'pop';
$bounce_mailbox_host = 'localhost';
$bounce_mailbox_user = 'bounces#mydomain.com';
$bounce_mailbox_password = 'XXXXXX';
What's the next step in figuring out the problem? I also tried both variations of the following:
$bounce_mailbox_port = "110/pop3/notls";
#$bounce_mailbox_port = "110/pop3";
Configuration appears to be correct?
Figured this out -- after contacting my ISP I discovered I had exceeded my limit on SMTP relays. The bounces are working now -- they're just in the queue.