Fail2ban: disable email notifications

Hi All,

I recently setup fail2ban on my CentOS 6.5 VPS, which running as expected.

I dont want an email everytime a spammer is blocked.

How do I disable email notifications?

many thanks
Who is Participating?
Jan SpringerConnect With a Mentor Commented:
I would create an email alias that gets forwarded to /dev/null in your email server configuration and use that email address in your notify section of the configuration.
In /etc/fail2ban/jail.conf locate the jail by its name in brackets, then from the "action =" lines remove the "sendmail.*]" part. The re-initialize the configuration change by running 'fail2ban-client reload [name-of-jail]' and check with 'fail2ban-client get [name-of-jail] actionstart'.
detox1978Author Commented:
That didnt work.

I commented out my email address and reloaded fail2ban, but it's still sending me email

fail2ban-client -d

Open in new window

['set', 'postfix', 'setcinfo', 'sendmail', 'dest', '']

Open in new window

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

From your output it seems enabled but you didn't post what you did nor your jail.conf contents, so rinse & repeat in the jail.conf Postfix section. Then check with 'grep -v -n ^# /etc/fail2ban/jail.conf | grep sendmail' and if OK reload the affected services.
detox1978Author Commented:
Sorry for the delay

[root@www ~]# grep -v -n ^# /etc/fail2ban/jail.conf | grep sendmail
69:           sendmail-whois[name=SSH,,]
79:           sendmail-whois[name=ProFTPD,]
91:           sendmail-whois[name=sasl,]
102:              sendmail-whois[name=SSH,]
139:action   = sendmail-whois[name=VSFTPD,]
151:           sendmail-whois[name=VSFTPD,]
164:           sendmail-buffered[name=BadBots, lines=5,]
176:           sendmail[name=Postfix,]
229:           sendmail-whois[name="SSH,IPFW",]
274:           sendmail-whois[name=Named,]
285:           sendmail-whois[name=Asterisk,,]
294:           sendmail-whois[name=Asterisk,,]
309:           sendmail-whois-lines[name=recidive, logpath=/var/log/fail2ban.log]

Open in new window

I'm still getting emails.... :-(
detox1978Author Commented:
Bizzarly when I reload fail2ban it says the jail already exists?

[root@www ~]# fail2ban-client -i
Fail2Ban v0.8.7 reads log file that contains password failure report
and bans the corresponding IP addresses using firewall rules.

fail2ban> reload
WARNING 'action' not defined in 'php-url-fopen'. Using default value
WARNING 'action' not defined in 'lighttpd-auth'. Using default value
WARNING 'action' not defined in 'lighttpd-fastcgi'. Using default value
The jail 'postfix' already exists

Open in new window

detox1978Author Commented:
Ok, I managed to reload the jail (I was using the wrong command).  When I check the status I get the following

[root@www ~]# fail2ban-client status postfix
Status for the jail: postfix
|- filter
|  |- File list:        /var/log/maillog
|  |- Currently failed: 206
|  `- Total failed:     219
`- action
   |- Currently banned: 0
   |  `- IP list:
   `- Total banned:     0

Open in new window

detox1978Author Commented:
I'm still getting lots of email notifications.  So not sure what else to try.
detox1978Author Commented:
This is still a big issue for me.  Any ideas.  This should be pretty simple.
serialbandConnect With a Mentor Commented:
in jail.conf change

action = %(action_mw)s
action = %(action_)s

There are several actions defined in jail.conf.  action_mw sends mail.  action_ does not.


Find and change
destemail =
detox1978Author Commented:
Sorry for the delay.  I created a rule in my gmail account to bin them, so this is no longer needed.

Many thanks
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.