Fail2ban MTA=Postfix Setting in Jail Config giving Error

iptables postfix fail2ban email-server jail
12,577

Solution 1

Looking at my /etc/fail2ban/jail.local there is this comment:

Since 0.8.1 upstream fail2ban uses sendmail MTA for the mailing. 
Change mta configuration parameter to mail if you want to revert to conventional 'mail'

Based on this and the error you posted, it seems you can only specify sendmail or mail.

Do you receive emails from fail2ban when mta is set to sendmail?

Solution 2

Ok, digging up an old thread but this is how I got postfix to work with Fail2ban:

in /etc/fail2ban/action.d/ I copied and renamed this files by changing all the sendmail to postfix Works fine for me now:

e.g cp sendmail-buffered.conf postfix-buffered.conf

same for all the rest of the sendmail conf files within this folder....

Then restart the fail2ban service -

Share:
12,577

Related videos on Youtube

Neel
Author by

Neel

Updated on September 18, 2022

Comments

  • Neel
    Neel almost 2 years

    In /etc/fail2ban/jail.local, when I have the MTA setting to Postfix, Fail2Ban is showing an error and is unable to start.

    [DEFAULT]

ignoreip = 127.0.0.1/8
bantime  = 1800                         
maxretry =  4                           
destemail = [email protected]   
mta = postfix                           
action = %(action_mwl)s

    Error:

    WARNING 'findtime' not defined in 'ssh'. Using default value
ERROR  /etc/fail2ban/action.d/postfix-whois-lines.conf and /etc/fail2ban/action.d/postfix-whois-lines.local do not exist
ERROR  Error in action definition postfix-whois-lines[name=ssh, dest="[email protected]", logpath=/var/log/auth.log, chain="INPUT"]
ERROR  Errors in jail 'ssh'. Skipping...
['set', 'loglevel', 3]
['set', 'logtarget', '/var/log/fail2ban.log']

    The error is pointing somewhere else, but when I comment out mta=postfix it works.

    I have Postfix installed as my MTA (in Debian 7) and I thought I am supposed to change default sendmail to postfix for this setting. Am I wrong?

  • Neel
    Neel over 9 years
    Thanks for your reply @jas_raj I tested it today with sendmail as the option for mta and fail2ban is still able to email me. So I guess having it as sendmail has no negative impact although I use postfix in my server. Thanks for confirming.. :)
  • Neel
    Neel over 9 years
    It's weird why it uses only sendmail or mail when postfix is a popular mta used as well. The comments in the file is misleading when it says to specify the mta that fail2ban needs to use.
  • Stuart Cardall
    Stuart Cardall about 6 years
    sendmail also works for ssmtp - this fixed connection errors to a local exim relay due to too many emails sent too quickly for mail to handle

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Fail2ban jail.local vs jail.conf
Fail2Ban: already banned?
What are fail2ban's log iptables "returned NNN" entries? (Fail2ban is failing to ban)
Fail2Ban or DenyHosts to block invalid username SSH login attempts
potential ufw and fail2ban conflicts
Cant SSH into server, not responding
How to get list banned ip and its unban time in fail2ban on Linux?
Multiple mail servers for a single domain
ubuntu PostFix + Dovecot mail server
Opened some ports with iptables but they aren't open