Fail2ban sendmail-whois sends to old receiver address
Hi!
I had a pretty stable fail2ban installation protecting my httpd, sshd, postfix, and dovecot services. Until one day I registered a new domain name and then deleted the email notification recipient user (let's call it applejuice) via userdel, and also the home directory (/home/applejuice). After creating my new user (let's call it apple), I then updated the sendmail-whois recipient in the config file /etc/postfix/main.cf from applejuice to apple for all of the configured jails. However, when banning IPs, I noticed that the jail tries to send emails to applejuice instead of apple in /var/log/maillog. Note that I did not specify any domain name in the sendmail-whois action. Also, I made sure applejuice cannot be found in any config file in /etc/: Code:
find /etc/ -type f -exec grep applejuice {} \; Thanks. |
Here's demo of my problem.
So this guy appeared on my log file. Code:
Apr 5 13:18:25 myserver postfix/smtpd[17662]: connect from erp.acunetix.com[217.115.140.112] Code:
[root@myserver log]# fail2ban-client set postfix banip 217.115.140.112 Code:
[root@myserver log]# tail maillog Code:
[root@myserver log]# find /etc/fail2ban -type f -exec grep applejuice {} \; Code:
[postfix] |
Marking as solved.
|
What was the "fix"?
|
Code:
systemctl reload postfix |
systemd? :rolleyes:
|
All times are GMT -5. The time now is 05:13 PM. |