In /etc/fail2ban/jail.local, when I have the MTA setting to Postfix, Fail2Ban is showing an error and is unable to start.
[DEFAULT]
ignoreip = 127.0.0.1/8
bantime = 1800
maxretry = 4
destemail = [email protected]
mta = postfix
action = %(action_mwl)s
Error:
WARNING 'findtime' not defined in 'ssh'. Using default value
ERROR /etc/fail2ban/action.d/postfix-whois-lines.conf and /etc/fail2ban/action.d/postfix-whois-lines.local do not exist
ERROR Error in action definition postfix-whois-lines[name=ssh, dest="[email protected]", logpath=/var/log/auth.log, chain="INPUT"]
ERROR Errors in jail 'ssh'. Skipping...
['set', 'loglevel', 3]
['set', 'logtarget', '/var/log/fail2ban.log']
The error is pointing somewhere else, but when I comment out mta=postfix it works.
I have Postfix installed as my MTA (in Debian 7) and I thought I am supposed to change default sendmail to postfix for this setting. Am I wrong?
Looking at my
/etc/fail2ban/jail.localthere is this comment:Based on this and the error you posted, it seems you can only specify
sendmailormail.Do you receive emails from fail2ban when
mtais set tosendmail?Ok, digging up an old thread but this is how I got postfix to work with Fail2ban:
in /etc/fail2ban/action.d/ I copied and renamed this files by changing all the sendmail to postfix Works fine for me now:
e.g cp sendmail-buffered.conf postfix-buffered.conf
same for all the rest of the sendmail conf files within this folder....
Then restart the fail2ban service -