Difficulty Configuring OSSEC to Send Email Notifications Through GMail SMTP
Greetings:
I am attempt to set up OSSEC to send email notifications through Google's SMTP on my CentOS system. I have referenced the following tutorial: https://myopsblog.wordpress.com/2017...ts-from-gmail/ I have sSMTP package functioning. That is, I can send email to my Yahoo account through something such as follows: Code:
ssmtp xxx@yahoo.com < message.txt Code:
2019/02/22 05:10:01 ossec-maild(1223): ERROR: Error Sending email to localhost (smtp server) Code:
AuthMethod=LOGIN Code:
<global> Thanks. |
Why are you configuring ossec to use localhost? Do you have a mail server configured? As you've configured ssmtp, it's not a mail server but just a connector to gmail, as I understand it.
Can you configure ossec to use ssmtp? If not try configuring ossec to use gmail directly, as you've done for ssmtp. |
Thanks for the response. I was configuring OSSEC to use localhost because, according to the article/tutorial I was following:
"Local postfix will redirect all delivery requests to gmail user set in SSMTP." This may be incorrect, but I am not familar enough with either Postfix or sSMTP to say for certain one way or another. Unfortunately, I do not see how I would configure OSSEC to use GMail directly, since I see no way to specify necessary options such as port, credentials, etc. According to my understanding of the OSSEC documentation, there are only a handful of options relevant to email - smtp_server, email_to, email_from, etc. While I have some familiarity with e-mail protocols, I have never set-up a full SMTP server on a system. If my current sSMTP configuration is not capable of performing the task of forwarding OSSEC's request to GMail, is there some sSMTP configuration that can be performed, or must a different MTA package/utility be used? Thanks. |
Quote:
Reading the how-to about OSSEC on digitalocean.com I find. Quote:
|
I actually do have Postfix installed and running; it was installed with the system. I just never touched any of the configuration files. I am guessing I have to configure Postfix itself; configuring the sSMTP package is not sufficient even though I can send email through the command line? Sorry, for the stupid question; I am a bit unclear on the relationship between Postfix and sSMTP. The article I was following explained how to configure sSMTP, but only referenced installing (not detailing the configuration of) Postfix.
Thanks. |
If postfix is running, perhaps the only issue is that it's not "at" localhost. Try using 127.0.0.1 instead of localhost in your ossec configuration.
|
That was indeed the problem. Really not sure why OSSEC was not able to find the Postfix server at localhost, but it did with the IP. Thanks much!
|
Glad I could help.
What’s in /etc/hosts? |
All times are GMT -5. The time now is 08:48 PM. |