How to use fail2ban manager

aaP_esales2000
Add postfix directly to the Server protection of fail2ban

aaPanel_Kern
I added the postfix rule successfully.
But, I want to add a rule for the web server as well.
The first time, it gives to add successfully a rule,
But, I`m getting a log creation error on two conditions:

1. when I try to edit an exciting rule.
2. when I delete the rule and try to add the same rule again.

aaP_esales2000
WebSite protection Add related sites
Rule file: /etc/fail2ban/jail.local
Please do not change it at will, the panel may not be recognized after the change

aaPanel_Kern
I notice that if i restart the Apache, i`m getting an error:
Apache rule configuration error:
AH00526: Syntax error on line 8 of /www/server/panel/vhost/apache/mydomain.conf:
CustomLog takes two or three arguments, a file name, a custom log format string or format name, and an optional "env=" or "expr=" clause (see docs)

aaP_esales2000

default configuration
combined

aaPanel_Kern
Working great.
By adding "combined" it solved all issues.
Thank you and have a great weekend

aaP_esales2000
In the Linux system, the root user can send emails by default. However, in order to enhance system security, you can restrict the root user from sending mail by configuring the mail server or changing the settings of the mail client.

Here are some ways you can restrict the root user from sending mail:

Configure mail server: You can configure mail server to prevent root user from sending mail. Specifically, you can create a mail filtering rule on the mail server to prevent the root user from sending mail. For example, in a Postfix mail server, you would add the following to the /etc/postfix/main.cf file:

smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

Then, add the following to the /etc/postfix/sender_access file:

root REJECT

This will change mailx's default sender address, preventing root from sending mail.

Change the email address of the root user: You can change the email address of the root user to prevent the root user from sending emails. For example, on an Ubuntu system, you can edit the /etc/aliases file and change root's email address to a non-real email address:

root: /dev/null

This will prevent the root user from sending mail.
Note that changing the configuration of the root user may affect the normal operation of the system. Therefore, make sure you know what you are doing and back up important data before changing your system configuration.

When i use
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

Im receiving an error while trying to send emails from the primary email account that Im using on my WordPress (info@mydomain.com).
when I remove the sender restrict option from the config file. then it's working again and I can send emails from info@mydomain.com.
i didn't check yet if this issue is with all email accounts.

Mailer: Other SMTP
SMTP Error: The following recipients failed: someemailaddress@gmail.com: : Sender address rejected: Server configuration error

Is it possible to send after cancellation?
It is recommended to check whether the sender email configuration of wordpress is misconfigured?
Also check whether the ssl of the mail server is configured correctly?
"mail.135mailtest.com" is replaced with your domain name
You can use this command to check whether the correct SSL is configured
openssl s_client -connect mail.135mailtest.com:587 -starttls smtp
or
openssl s_client -connect mail.135mailtest.com:465 -starttls smtp

If the display is not OK, please re-apply for SSL

aaP_esales2000

aaPanel_Kern
Verify return code: 0 (ok)

The sender email is config correctly and the SSL is also ( using Chain SSL ).

Can I give you temporary access to the aaPanel?

aaPanel_Kern
Can you give me a hint on what to look? because it's happening only when I try to reject sending emails from the root.

That is the error that I'm receiving

Versions:
WordPress: 6.0.3
WordPress MS: No
PHP: 7.4.33
WP Mail SMTP: 3.8.0

Params:
Mailer: smtp
Constants: Yes
ErrorInfo: SMTP Error: The following recipients failed: recipient@me.com: : Sender address rejected: Server configuration error
Host: mail.mydomain.com
Port: 465
SMTPSecure: ssl
SMTPAutoTLS: bool(true)
SMTPAuth: bool(true)

Server:
OpenSSL: OpenSSL 1.0.2u 20 Dec 2019

Debug:
Email Source: WP Mail SMTP Pro
Mailer: Other SMTP
PHPMailer was able to connect to SMTP server but failed while trying to send an email.
Email Source: WP Mail SMTP Pro
Mailer: Other SMTP
SMTP Error: The following recipients failed: recipient@me.com: : Sender address rejected: Server configuration error

SMTP Debug:
2023-05-08 05:33:55 Connection: opening to ssl://mail.mydomain.com:465, timeout=300, options=array()

2023-05-08 05:33:55 Connection: opened

2023-05-08 05:33:55 SERVER -> CLIENT: 220 mail.mydomain.com ESMTP Postfix (3.4.7)

2023-05-08 05:33:55 CLIENT -> SERVER: EHLO tikair.co.il

2023-05-08 05:33:55 SERVER -> CLIENT: 250-mail.mydomain.com250-PIPELINING250-SIZE 102400000250-VRFY250-ETRN250-AUTH PLAIN LOGIN250-ENHANCEDSTATUSCODES250-8BITMIME250-DSN250-SMTPUTF8250 CHUNKING

2023-05-08 05:33:55 CLIENT -> SERVER: AUTH LOGIN

2023-05-08 05:33:55 SERVER -> CLIENT: 334 VXNlcm5hbWU6

2023-05-08 05:33:55 CLIENT -> SERVER: [credentials hidden]

2023-05-08 05:33:55 SERVER -> CLIENT: 334 UGFzc3dvcmQ6

2023-05-08 05:33:55 CLIENT -> SERVER: [credentials hidden]

2023-05-08 05:33:55 SERVER -> CLIENT: 235 2.7.0 Authentication successful

2023-05-08 05:33:55 CLIENT -> SERVER: MAIL FROM:noreply@mydomain.com

2023-05-08 05:33:55 SERVER -> CLIENT: 250 2.1.0 Ok

2023-05-08 05:33:55 CLIENT -> SERVER: RCPT TO:recipient@me.com

2023-05-08 05:33:55 SERVER -> CLIENT: 451 4.3.5 noreply@mydomain.com: Sender address rejected: Server configuration error

2023-05-08 05:33:55 SMTP ERROR: RCPT TO command failed: 451 4.3.5 noreply@mydomain.com: Sender address rejected: Server configuration error

2023-05-08 05:33:55 CLIENT -> SERVER: QUIT

2023-05-08 05:33:55 SERVER -> CLIENT: 221 2.0.0 Bye

2023-05-08 05:33:55 Connection: closed

SMTP Error: The following recipients failed: recipient@me.com: noreply@mydomain.com: Sender address rejected: Server configuration error

That my mail config

readme_directory = /usr/share/doc/postfix3-3.4.7/README_FILES
meta_directory = /etc/postfix
shlib_directory = /usr/lib/postfix
virtual_mailbox_domains = sqlite:/etc/postfix/sqlite_virtual_domains_maps.cf
virtual_alias_maps = sqlite:/etc/postfix/sqlite_virtual_alias_maps.cf, sqlite:/etc/postfix/sqlite_virtual_alias_domain_maps.cf, sqlite:/etc/postfix/sqlite_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps = sqlite:/etc/postfix/sqlite_virtual_mailbox_maps.cf, sqlite:/etc/postfix/sqlite_virtual_alias_domain_mailbox_maps.cf
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_use_tls = yes
smtp_tls_security_level = may
smtpd_tls_security_level = may
virtual_transport = lmtp:unix:private/dovecot-lmtp
message_size_limit = 102400000
smtpd_milters = inet:127.0.0.1:11332
non_smtpd_milters = inet:127.0.0.1:11332
milter_protocol = 6
milter_default_action = accept
default_process_limit = 100
smtpd_client_connection_count_limit = 10
smtpd_client_connection_rate_limit = 30
queue_minfree = 20971520
header_size_limit = 51200
smtpd_recipient_limit = 400
#smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

smtpd_tls_chain_files = /www/server/panel/plugin/mail_sys/cert/mydomain.com/privkey.pem,/www/server/panel/plugin/mail_sys/cert/mydomain.com/fullchain.pem
tls_server_sni_maps = hash:/etc/postfix/vmail_ssl.map

milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}

aaP_esales2000
Hello, is it normal for Send mail to use the relevant user to send mail in the mail server?
Is it normal to add a # comment to the configuration of milter_mail_macros and restart postfix?