22 days later
4 months later
3 years later

I add a rule to one for one of my websites.
then I wanted to change it, but I receive a log error.
I deleted the rule and when I try to create a new rule for the same domain, I`m getting an error

*The log file does not exist and cannot be created*

Any idea how to solve it?

    aaPanel_Kern
    I added the postfix rule successfully.
    But, I want to add a rule for the web server as well.
    The first time, it gives to add successfully a rule,
    But, I`m getting a log creation error on two conditions:

    1. when I try to edit an exciting rule.
    2. when I delete the rule and try to add the same rule again.

      aaP_esales2000
      WebSite protection Add related sites
      Rule file: /etc/fail2ban/jail.local
      Please do not change it at will, the panel may not be recognized after the change

        aaPanel_Kern
        I notice that if i restart the Apache, i`m getting an error:
        Apache rule configuration error:
        AH00526: Syntax error on line 8 of /www/server/panel/vhost/apache/mydomain.conf:
        CustomLog takes two or three arguments, a file name, a custom log format string or format name, and an optional "env=" or "expr=" clause (see docs)

          some hacker is sending emails from root@mydomain and root@locahost

          May 5 15:46:28 vmi613070 postfix/qmgr[18763]: 4E8C6160062A: removed
          May 5 15:46:28 vmi613070 postfix/local[18768]: C56E71601880: to=<root@localhost>, relay=local, delay=16772, delays=16772/0.52/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
          May 5 15:46:28 vmi613070 postfix/qmgr[18763]: C56E71601880: removed
          May 5 15:46:28 vmi613070 postfix/local[18765]: 0CBA3160072E: to=<root@localhost>, relay=local, delay=26749, delays=26748/0.52/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
          May 5 15:46:28 vmi613070 postfix/qmgr[18763]: 0CBA3160072E: removed
          May 5 15:46:28 vmi613070 postfix/local[18768]: 9DB4D160059E: to=<root@localhost>, relay=local, delay=9583, delays=9583/0.53/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
          May 5 15:46:28 vmi613070 postfix/qmgr[18763]: 9DB4D160059E: removed
          May 5 15:46:28 vmi613070 postfix/local[18767]: 3FCC816007A7: to=<root@localhost>, relay=local, delay=23291, delays=23290/0.53/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
          May 5 15:46:28 vmi613070 postfix/qmgr[18763]: 3FCC816007A7: removed
          May 5 15:46:28 vmi613070 postfix/local[18765]: C346B1600552: to=<root@localhost>, relay=local, delay=34139, delays=34139/0.54/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
          May 5 15:46:28 vmi613070 postfix/qmgr[18763]: C346B1600552: removed
          May 5 15:46:28 vmi613070 postfix/local[18768]: B9B1D16000EB: to=<root@localhost>, relay=local, delay=34140, delays=34139/0.54/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)
          May 5 15:46:28 vmi613070 postfix/qmgr[18763]: B9B1D16000EB: removed
          May 5 15:46:28 vmi613070 postfix/local[18765]: 95BCF160149C: to=<root@localhost>, relay=local, delay=4029, delays=4029/0.55/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
          May 5 15:46:28 vmi613070 postfix/qmgr[18763]: 95BCF160149C: removed
          May 5 15:46:28 vmi613070 postfix/local[18767]: AFAAE1600113: to=<root@localhost>, relay=local, delay=28708, delays=28708/0.55/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)
          May 5 15:46:28 vmi613070 postfix/qmgr[18763]: AFAAE1600113: removed
          May 5 15:46:29 vmi613070 postfix/local[18766]: B222B1601485: to=<root@localhost>, relay=local, delay=21982, delays=21981/0.03/0/0.91, dsn=2.0.0, status=sent (delivered to mailbox)
          .....
          May 5 15:46:28 vmi613070 postfix/master[18761]: daemon started -- version 3.4.7, configuration /etc/postfix
          May 5 15:46:28 vmi613070 postfix/qmgr[18763]: warning: /etc/postfix/main.cf, line 707: overriding earlier entry: myhostname=mail.mydomain.com
          May 5 15:46:28 vmi613070 postfix/pickup[18762]: warning: /etc/postfix/main.cf, line 707: overriding earlier entry: myhostname=mail.mydomain.com
          May 5 15:46:28 vmi613070 postfix/qmgr[18763]: 8361616007ED: from=root@vmi613070.hostingdomain.com, size=493, nrcpt=1 (queue active)
          May 5 15:46:28 vmi613070 postfix/trivial-rewrite[18764]: warning: /etc/postfix/main.cf, line 707: overriding earlier entry: myhostname=mail.mydomain.com

          What is the best way to block it?

            aaP_esales2000
            In the Linux system, the root user can send emails by default. However, in order to enhance system security, you can restrict the root user from sending mail by configuring the mail server or changing the settings of the mail client.

            Here are some ways you can restrict the root user from sending mail:

            Configure mail server: You can configure mail server to prevent root user from sending mail. Specifically, you can create a mail filtering rule on the mail server to prevent the root user from sending mail. For example, in a Postfix mail server, you would add the following to the /etc/postfix/main.cf file:

            smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

            Then, add the following to the /etc/postfix/sender_access file:

            root REJECT

            This will change mailx's default sender address, preventing root from sending mail.

            Change the email address of the root user: You can change the email address of the root user to prevent the root user from sending emails. For example, on an Ubuntu system, you can edit the /etc/aliases file and change root's email address to a non-real email address:

            root: /dev/null

            This will prevent the root user from sending mail.
            Note that changing the configuration of the root user may affect the normal operation of the system. Therefore, make sure you know what you are doing and back up important data before changing your system configuration.

              When i use
              smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

              Im receiving an error while trying to send emails from the primary email account that Im using on my WordPress (info@mydomain.com).
              when I remove the sender restrict option from the config file. then it's working again and I can send emails from info@mydomain.com.
              i didn't check yet if this issue is with all email accounts.

              Mailer: Other SMTP
              SMTP Error: The following recipients failed: someemailaddress@gmail.com: : Sender address rejected: Server configuration error

                Is it possible to send after cancellation?
                It is recommended to check whether the sender email configuration of wordpress is misconfigured?
                Also check whether the ssl of the mail server is configured correctly?
                "mail.135mailtest.com" is replaced with your domain name
                You can use this command to check whether the correct SSL is configured
                openssl s_client -connect mail.135mailtest.com:587 -starttls smtp
                or
                openssl s_client -connect mail.135mailtest.com:465 -starttls smtp

                If the display is not OK, please re-apply for SSL

                aaP_esales2000

                  aaPanel_Kern
                  Verify return code: 0 (ok)

                  The sender email is config correctly and the SSL is also ( using Chain SSL ).

                  Can I give you temporary access to the aaPanel?

                    aaPanel_Kern
                    Can you give me a hint on what to look? because it's happening only when I try to reject sending emails from the root.

                    That is the error that I'm receiving

                    Versions:
                    WordPress: 6.0.3
                    WordPress MS: No
                    PHP: 7.4.33
                    WP Mail SMTP: 3.8.0

                    Params:
                    Mailer: smtp
                    Constants: Yes
                    ErrorInfo: SMTP Error: The following recipients failed: recipient@me.com: : Sender address rejected: Server configuration error
                    Host: mail.mydomain.com
                    Port: 465
                    SMTPSecure: ssl
                    SMTPAutoTLS: bool(true)
                    SMTPAuth: bool(true)

                    Server:
                    OpenSSL: OpenSSL 1.0.2u 20 Dec 2019

                    Debug:
                    Email Source: WP Mail SMTP Pro
                    Mailer: Other SMTP
                    PHPMailer was able to connect to SMTP server but failed while trying to send an email.
                    Email Source: WP Mail SMTP Pro
                    Mailer: Other SMTP
                    SMTP Error: The following recipients failed: recipient@me.com: : Sender address rejected: Server configuration error

                    SMTP Debug:
                    2023-05-08 05:33:55 Connection: opening to ssl://mail.mydomain.com:465, timeout=300, options=array()

                    2023-05-08 05:33:55 Connection: opened

                    2023-05-08 05:33:55 SERVER -> CLIENT: 220 mail.mydomain.com ESMTP Postfix (3.4.7)

                    2023-05-08 05:33:55 CLIENT -> SERVER: EHLO tikair.co.il

                    2023-05-08 05:33:55 SERVER -> CLIENT: 250-mail.mydomain.com250-PIPELINING250-SIZE 102400000250-VRFY250-ETRN250-AUTH PLAIN LOGIN250-ENHANCEDSTATUSCODES250-8BITMIME250-DSN250-SMTPUTF8250 CHUNKING

                    2023-05-08 05:33:55 CLIENT -> SERVER: AUTH LOGIN

                    2023-05-08 05:33:55 SERVER -> CLIENT: 334 VXNlcm5hbWU6

                    2023-05-08 05:33:55 CLIENT -> SERVER: [credentials hidden]

                    2023-05-08 05:33:55 SERVER -> CLIENT: 334 UGFzc3dvcmQ6

                    2023-05-08 05:33:55 CLIENT -> SERVER: [credentials hidden]

                    2023-05-08 05:33:55 SERVER -> CLIENT: 235 2.7.0 Authentication successful

                    2023-05-08 05:33:55 CLIENT -> SERVER: MAIL FROM:noreply@mydomain.com

                    2023-05-08 05:33:55 SERVER -> CLIENT: 250 2.1.0 Ok

                    2023-05-08 05:33:55 CLIENT -> SERVER: RCPT TO:recipient@me.com

                    2023-05-08 05:33:55 SERVER -> CLIENT: 451 4.3.5 noreply@mydomain.com: Sender address rejected: Server configuration error

                    2023-05-08 05:33:55 SMTP ERROR: RCPT TO command failed: 451 4.3.5 noreply@mydomain.com: Sender address rejected: Server configuration error

                    2023-05-08 05:33:55 CLIENT -> SERVER: QUIT

                    2023-05-08 05:33:55 SERVER -> CLIENT: 221 2.0.0 Bye

                    2023-05-08 05:33:55 Connection: closed

                    SMTP Error: The following recipients failed: recipient@me.com: noreply@mydomain.com: Sender address rejected: Server configuration error

                    That my mail config

                    readme_directory = /usr/share/doc/postfix3-3.4.7/README_FILES
                    meta_directory = /etc/postfix
                    shlib_directory = /usr/lib/postfix
                    virtual_mailbox_domains = sqlite:/etc/postfix/sqlite_virtual_domains_maps.cf
                    virtual_alias_maps = sqlite:/etc/postfix/sqlite_virtual_alias_maps.cf, sqlite:/etc/postfix/sqlite_virtual_alias_domain_maps.cf, sqlite:/etc/postfix/sqlite_virtual_alias_domain_catchall_maps.cf
                    virtual_mailbox_maps = sqlite:/etc/postfix/sqlite_virtual_mailbox_maps.cf, sqlite:/etc/postfix/sqlite_virtual_alias_domain_mailbox_maps.cf
                    smtpd_sasl_type = dovecot
                    smtpd_sasl_path = private/auth
                    smtpd_sasl_auth_enable = yes
                    smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
                    smtpd_use_tls = yes
                    smtp_tls_security_level = may
                    smtpd_tls_security_level = may
                    virtual_transport = lmtp:unix:private/dovecot-lmtp
                    message_size_limit = 102400000
                    smtpd_milters = inet:127.0.0.1:11332
                    non_smtpd_milters = inet:127.0.0.1:11332
                    milter_protocol = 6
                    milter_default_action = accept
                    default_process_limit = 100
                    smtpd_client_connection_count_limit = 10
                    smtpd_client_connection_rate_limit = 30
                    queue_minfree = 20971520
                    header_size_limit = 51200
                    smtpd_recipient_limit = 400
                    #smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

                    smtpd_tls_chain_files = /www/server/panel/plugin/mail_sys/cert/mydomain.com/privkey.pem,/www/server/panel/plugin/mail_sys/cert/mydomain.com/fullchain.pem
                    tls_server_sni_maps = hash:/etc/postfix/vmail_ssl.map

                    milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}

                      aaP_esales2000
                      Hello, is it normal for Send mail to use the relevant user to send mail in the mail server?
                      Is it normal to add a # comment to the configuration of milter_mail_macros and restart postfix?