Solved

Fail2ban:  disable email notifications

Posted on 2014-03-08
12
7,891 Views
Last Modified: 2014-06-09
Hi All,

I recently setup fail2ban on my CentOS 6.5 VPS, which running as expected.

I dont want an email everytime a spammer is blocked.

How do I disable email notifications?


many thanks
0
Comment
Question by:detox1978
12 Comments
 
LVL 7

Expert Comment

by:unSpawn
Comment Utility
In /etc/fail2ban/jail.conf locate the jail by its name in brackets, then from the "action =" lines remove the "sendmail.*dest=you@mail.com]" part. The re-initialize the configuration change by running 'fail2ban-client reload [name-of-jail]' and check with 'fail2ban-client get [name-of-jail] actionstart'.
0
 
LVL 2

Author Comment

by:detox1978
Comment Utility
That didnt work.

I commented out my email address and reloaded fail2ban, but it's still sending me email

fail2ban-client -d

Open in new window

returns
['set', 'postfix', 'setcinfo', 'sendmail', 'dest', 'myemail@gmail.com']

Open in new window

0
 
LVL 7

Expert Comment

by:unSpawn
Comment Utility
From your output it seems enabled but you didn't post what you did nor your jail.conf contents, so rinse & repeat in the jail.conf Postfix section. Then check with 'grep -v -n ^# /etc/fail2ban/jail.conf | grep sendmail' and if OK reload the affected services.
0
 
LVL 2

Author Comment

by:detox1978
Comment Utility
Sorry for the delay

[root@www ~]# grep -v -n ^# /etc/fail2ban/jail.conf | grep sendmail
69:           sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com]
79:           sendmail-whois[name=ProFTPD, dest=you@example.com]
91:           sendmail-whois[name=sasl, dest=you@example.com]
102:              sendmail-whois[name=SSH, dest=you@example.com]
139:action   = sendmail-whois[name=VSFTPD, dest=you@example.com]
151:           sendmail-whois[name=VSFTPD, dest=you@example.com]
164:           sendmail-buffered[name=BadBots, lines=5, dest=you@example.com]
176:           sendmail[name=Postfix, dest=you@example.com]
229:           sendmail-whois[name="SSH,IPFW", dest=you@example.com]
274:           sendmail-whois[name=Named, dest=you@example.com]
285:           sendmail-whois[name=Asterisk, dest=you@example.com, sender=fail2ban@example.com]
294:           sendmail-whois[name=Asterisk, dest=you@example.com, sender=fail2ban@example.com]
309:           sendmail-whois-lines[name=recidive, logpath=/var/log/fail2ban.log]

Open in new window


I'm still getting emails.... :-(
0
 
LVL 2

Author Comment

by:detox1978
Comment Utility
Bizzarly when I reload fail2ban it says the jail already exists?

[root@www ~]# fail2ban-client -i
Fail2Ban v0.8.7 reads log file that contains password failure report
and bans the corresponding IP addresses using firewall rules.

fail2ban> reload
WARNING 'action' not defined in 'php-url-fopen'. Using default value
WARNING 'action' not defined in 'lighttpd-auth'. Using default value
WARNING 'action' not defined in 'lighttpd-fastcgi'. Using default value
The jail 'postfix' already exists
fail2ban>

Open in new window

0
Want to promote your upcoming event?

Are you going to an event? Are you going to be exhibiting at a tradeshow? Talking at a conference? Using a promotional banner in your email signature ensures that your organization’s most important contacts stay in the know and can potentially spread the word about the event.

 
LVL 2

Author Comment

by:detox1978
Comment Utility
Ok, I managed to reload the jail (I was using the wrong command).  When I check the status I get the following

[root@www ~]# fail2ban-client status postfix
Status for the jail: postfix
|- filter
|  |- File list:        /var/log/maillog
|  |- Currently failed: 206
|  `- Total failed:     219
`- action
   |- Currently banned: 0
   |  `- IP list:
   `- Total banned:     0

Open in new window

0
 
LVL 2

Author Comment

by:detox1978
Comment Utility
I'm still getting lots of email notifications.  So not sure what else to try.
0
 
LVL 2

Author Comment

by:detox1978
Comment Utility
This is still a big issue for me.  Any ideas.  This should be pretty simple.
0
 
LVL 28

Accepted Solution

by:
Jan Springer earned 250 total points
Comment Utility
I would create an email alias that gets forwarded to /dev/null in your email server configuration and use that email address in your notify section of the configuration.
0
 
LVL 27

Assisted Solution

by:serialband
serialband earned 250 total points
Comment Utility
in jail.conf change

action = %(action_mw)s
   to
action = %(action_)s

There are several actions defined in jail.conf.  action_mw sends mail.  action_ does not.

or

Find and change
destemail = your_email@domain.com
0
 
LVL 2

Author Closing Comment

by:detox1978
Comment Utility
Sorry for the delay.  I created a rule in my gmail account to bin them, so this is no longer needed.

Many thanks
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

The purpose of this article is to demonstrate how we can use conditional statements using Python.
Email signatures have numerous marketing benefits. Here are 8 top reasons to turn your email signature into a marketing channel.
The purpose of this video is to demonstrate how to set up an account with Mailchimp. This will be demonstrated using a Windows 8 PC. Tools Used are: Mailchimp.com Go to Mailchimp.com : Enter an Email, Username, and Password. Click Create My Acco…
The purpose of this video is to demonstrate how to set up a Mailchimp Template which will let the user create a uniform look for all of their campaigns. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mail…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now