How do I send mail from Tripwire using SMTP?
If your hostname on your server is not a FQDN (fully qualified domain name - i.e. myhost vs. myhost.example.com, where the latter is a FQDN) you will probably not be able to send out emails with tripwire. This was the case for me using Ubuntu server.
You can check your hostname with:
hostname
And you can change it with:
sudo hostname MYFQDN
where MYFQDN is your new FQDN hostname.
After this you should run a tripwire check:
sudo tripwire --check
You should see various errors now. Tripwire uses HOSTNAME to name various files. You will need to rename a few.
Finally you will also need to reinitialize your database due to the error:
Policy file does not match policy used to create database.
You can do that with:
sudo tripwire -m i
And it should now work.
EDIT: Two additional comments...
to permanently change my hostname I had to edit /etc/hostname otherwise your changes will not survive a reboot
you may be able to update your database above (instead of using sudo tripwire -m i) by using:
sudo tripwire -m p
Related videos on Youtube
21 : 01
23 : 44
14 : 02
03 : 25
10 : 03
Admin
Updated on September 17, 2022Comments
-
Admin over 1 year
I have just installed tripwire using Ubuntu repos and have gone into the configuration files and changed everything to what I want. When in comes to the options for SMTP mail method and the server and port to use, I am stumped. When I run the test email I get this error message.
/usr/sbin/tripwire --test --email blah@nowhere Sending a test message to: blah@nowhere ### Error: The SMTP connection could not be established. ### Server: localhost ### Exiting... Email test failed.I have made appropriate changes to the firewall. I don't have an smtp server installed. Do I need to? Any other ways I could use without installing an SMTP server due to security issues?