Re: Fail2ban mail failures ???

[Александр Кириллов <nevis2us@xxxxxxxxxxx>]

> > I'm using fail2ban with CentOS 6.6. Something is causing fail2ban's
> > alerts sent to root's mail to be rejected. Here's a clip from one of
> > the
> > error messages:
> >
> >
> >         Message 48:
> >         From MAILER-DAEMON@xxxxxxxxxxxxxxxxxx  Sun Dec 21 03:09:20 
> > 2014
> >         Return-Path: <MAILER-DAEMON@xxxxxxxxxxxxxxxxxx>
> >         Date: Sun, 21 Dec 2014 03:09:19 -0600
> >         From: Mail Delivery Subsystem
> > <MAILER-DAEMON@xxxxxxxxxxxxxxxxxx>
> >         To: postmaster@xxxxxxxxxxxxxxxxxx
> >         Content-Type: multipart/report; report-type=delivery-status;
> >         	boundary="sBL97EKS003880.1419152959/lion.protogeek.org"
> >         Subject: Postmaster notify: see transcript for details
> >         Auto-Submitted: auto-generated (postmaster-notification)
> >         Status: R
> >
> >         Part 1:
> >
> >         The original message was received at Tue, 16 Dec 2014 03:09:17
> >         -0600
> >         from localhost
> >         with id sBG97E83025627
> >
> >            ----- The following addresses had permanent fatal errors
> >         -----
> >         <fail2ban@xxxxxxxxxxx>
> >
> >            ----- Transcript of session follows -----
> >         <fail2ban@xxxxxxxxxxx>... Deferred: Connection timed out with
> >         example.com.
> >         Message could not be delivered for 5 days
> >         Message will be deleted from queue
> >         ..........
> >
> >
> >
> > I used to get the messages that are now being deleted after five days.
> > Any suggestions?
>
> Check your /etc/fail2ban/jail.local /etc/fail2ban/jail.conf.
> You have to provide valid email addresses for dest= and sender=
> parameters in sendmail-whois or mail-whois actions for enabled jails.
> os.org/mailman/listinfo/centos
>
>
> Александр Кириллов,
>
> I should have made it clear that this is all on one machine. The
> jail.conf file is the default from the fail2ban package. It used to 
> work
> perfectly, but now has the mail problem. All I've had to do for years 
> is
> install the fail2ban package, start it, and make it autostart whenever 
> I
> reboot. Now it's misbehaving in a way that puzzles me.

Robert,

If you never changed fail2ban defaults you probably had email aliases 
defined somewhere in your configurations. Whatever you had it was 
incorrect and it's not worth the effort to figure out why it ever worked 
if at all. The "right" way is to use email addresses in (at least 
locally) routable domains.

Alexander

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos