Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I was used to check roots mail with the command 'mail'. I got everyday a kind of status report of the system: Who logged in via ssh, errors from vsftpd, what was cron doing,...
Suddenly I receive no mails any longer.
Any ideas why?
Did you have logwatch installed? It provides a daily summary of important log messages which is then mailed to root. If that was the messages you were seeing, check /etc/cron.daily/ and make sure that a logwatch is in the directory. It should be a link, so do ls -al and make sure that the file it is linked to exists as well (usually is /etc/log.d/scripts/logwatch.pl). Then try sending a message with logwatch by running "logwatch".
Also, take a look and make sure that syslog is running and that log messages are appearing in the system logs. If you don't see anything current, test it by doing: "logger test" and check system log to confirm logging of "test" message occurred.
yeah, it is logwatch (i remember). i checked out, what you have said, and everything seems to be okay. But I get no mail, if I run logwatch - now I know my problem =). If I run 'logwatch --print', I can see the whole report on stdout.
So if you run logwatch without any options, it doesn't mail root any messages? Does your local mail system work (try sending mail to root) or is it only a logwatch problem?
it's a mail problem. i can send mails without errors, but i don't receive mails: 'No mail for root'. I tried to send mails with another user -> same problem.
does anybody know, how I can fix this?
Dec 26 04:19:44 projekte4 sm-msp-queue[17406]:
iBQ524nA017175: to=root, ctladdr=root (0/0), delay=00:17:40,
xdelay=00:03:09, mailer=relay, pri=120042, relay=[127.0.0.1] [127.0.0.1],
dsn=4.0.0, stat=Deferred: Connection timed out with [127.0.0.1]
if i am right, i'd say, the mailerdaemon is not running. am i right? I've looked for a daemon - i've found sendmail. But I'm not sure, if it is also responsible for receiving mails.
That error message usually means that sendmail is down/off or your firewall is blocking connections over the loopback interface. However, sendmail should be up if you can send a message. Check with netstat -pant (should see sendmail listening and accepting connections on localhost port 25). Check to make sure that sendmail is running with: ps aux | grep sendmail. Also try restarting the sendmail daemon (service sendmail restart).
thanks for your help - now I've found my mistake. In my 'delusion of security' I've scanned my box for opened ports. After that I was closing all ports I thought I do not need to be opened. Because of I had no mailserver installed (I thought ), I closed port 25 - smtp using iptables. Now I've opened it again, but only for the localhost.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
), I closed port 25 - smtp using iptables. Now I've opened it again, but only for the localhost.
