nephilax
Please update to 1.1 to fix this issue
How to use fail2ban manager
- Edited
I add a rule to one for one of my websites.
then I wanted to change it, but I receive a log error.
I deleted the rule and when I try to create a new rule for the same domain, I`m getting an error
*The log file does not exist and cannot be created*
Any idea how to solve it?
aaP_esales2000
Add postfix directly to the Server protection of fail2ban
aaPanel_Kern
I added the postfix rule successfully.
But, I want to add a rule for the web server as well.
The first time, it gives to add successfully a rule,
But, I`m getting a log creation error on two conditions:
- when I try to edit an exciting rule.
- when I delete the rule and try to add the same rule again.
aaP_esales2000
WebSite protection Add related sites
Rule file: /etc/fail2ban/jail.local
Please do not change it at will, the panel may not be recognized after the change
aaPanel_Kern
I notice that if i restart the Apache, i`m getting an error:
Apache rule configuration error:
AH00526: Syntax error on line 8 of /www/server/panel/vhost/apache/mydomain.conf:
CustomLog takes two or three arguments, a file name, a custom log format string or format name, and an optional "env=" or "expr=" clause (see docs)
aaP_esales2000
default configuration
combined
aaPanel_Kern
Working great.
By adding "combined" it solved all issues.
Thank you and have a great weekend
- Edited
some hacker is sending emails from root@mydomain and root@locahost
May 5 15:46:28 vmi613070 postfix/qmgr[18763]: 4E8C6160062A: removed
May 5 15:46:28 vmi613070 postfix/local[18768]: C56E71601880: to=<root@localhost>, relay=local, delay=16772, delays=16772/0.52/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
May 5 15:46:28 vmi613070 postfix/qmgr[18763]: C56E71601880: removed
May 5 15:46:28 vmi613070 postfix/local[18765]: 0CBA3160072E: to=<root@localhost>, relay=local, delay=26749, delays=26748/0.52/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
May 5 15:46:28 vmi613070 postfix/qmgr[18763]: 0CBA3160072E: removed
May 5 15:46:28 vmi613070 postfix/local[18768]: 9DB4D160059E: to=<root@localhost>, relay=local, delay=9583, delays=9583/0.53/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
May 5 15:46:28 vmi613070 postfix/qmgr[18763]: 9DB4D160059E: removed
May 5 15:46:28 vmi613070 postfix/local[18767]: 3FCC816007A7: to=<root@localhost>, relay=local, delay=23291, delays=23290/0.53/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
May 5 15:46:28 vmi613070 postfix/qmgr[18763]: 3FCC816007A7: removed
May 5 15:46:28 vmi613070 postfix/local[18765]: C346B1600552: to=<root@localhost>, relay=local, delay=34139, delays=34139/0.54/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
May 5 15:46:28 vmi613070 postfix/qmgr[18763]: C346B1600552: removed
May 5 15:46:28 vmi613070 postfix/local[18768]: B9B1D16000EB: to=<root@localhost>, relay=local, delay=34140, delays=34139/0.54/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)
May 5 15:46:28 vmi613070 postfix/qmgr[18763]: B9B1D16000EB: removed
May 5 15:46:28 vmi613070 postfix/local[18765]: 95BCF160149C: to=<root@localhost>, relay=local, delay=4029, delays=4029/0.55/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
May 5 15:46:28 vmi613070 postfix/qmgr[18763]: 95BCF160149C: removed
May 5 15:46:28 vmi613070 postfix/local[18767]: AFAAE1600113: to=<root@localhost>, relay=local, delay=28708, delays=28708/0.55/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)
May 5 15:46:28 vmi613070 postfix/qmgr[18763]: AFAAE1600113: removed
May 5 15:46:29 vmi613070 postfix/local[18766]: B222B1601485: to=<root@localhost>, relay=local, delay=21982, delays=21981/0.03/0/0.91, dsn=2.0.0, status=sent (delivered to mailbox)
.....
May 5 15:46:28 vmi613070 postfix/master[18761]: daemon started -- version 3.4.7, configuration /etc/postfix
May 5 15:46:28 vmi613070 postfix/qmgr[18763]: warning: /etc/postfix/main.cf, line 707: overriding earlier entry: myhostname=mail.mydomain.com
May 5 15:46:28 vmi613070 postfix/pickup[18762]: warning: /etc/postfix/main.cf, line 707: overriding earlier entry: myhostname=mail.mydomain.com
May 5 15:46:28 vmi613070 postfix/qmgr[18763]: 8361616007ED: from=root@vmi613070.hostingdomain.com, size=493, nrcpt=1 (queue active)
May 5 15:46:28 vmi613070 postfix/trivial-rewrite[18764]: warning: /etc/postfix/main.cf, line 707: overriding earlier entry: myhostname=mail.mydomain.com
What is the best way to block it?
aaP_esales2000
In the Linux system, the root user can send emails by default. However, in order to enhance system security, you can restrict the root user from sending mail by configuring the mail server or changing the settings of the mail client.
Here are some ways you can restrict the root user from sending mail:
Configure mail server: You can configure mail server to prevent root user from sending mail. Specifically, you can create a mail filtering rule on the mail server to prevent the root user from sending mail. For example, in a Postfix mail server, you would add the following to the /etc/postfix/main.cf file:
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
Then, add the following to the /etc/postfix/sender_access
file:
root REJECT
This will change mailx's default sender address, preventing root from sending mail.
Change the email address of the root user: You can change the email address of the root user to prevent the root user from sending emails. For example, on an Ubuntu system, you can edit the /etc/aliases file and change root's email address to a non-real email address:
root: /dev/null
This will prevent the root user from sending mail.
Note that changing the configuration of the root user may affect the normal operation of the system. Therefore, make sure you know what you are doing and back up important data before changing your system configuration.
When i use
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
Im receiving an error while trying to send emails from the primary email account that I
m using on my WordPress (info@mydomain.com).
when I remove the sender restrict option from the config file. then it's working again and I can send emails from info@mydomain.com.
i didn't check yet if this issue is with all email accounts.
Mailer: Other SMTP
SMTP Error: The following recipients failed: someemailaddress@gmail.com: : Sender address rejected: Server configuration error
Is it possible to send after cancellation?
It is recommended to check whether the sender email configuration of wordpress is misconfigured?
Also check whether the ssl of the mail server is configured correctly?
"mail.135mailtest.com" is replaced with your domain name
You can use this command to check whether the correct SSL is configured
openssl s_client -connect mail.135mailtest.com:587 -starttls smtp
or
openssl s_client -connect mail.135mailtest.com:465 -starttls smtp
If the display is not OK, please re-apply for SSL
aaPanel_Kern
Verify return code: 0 (ok)
The sender email is config correctly and the SSL is also ( using Chain SSL ).
Can I give you temporary access to the aaPanel?
- Edited
It is recommended to check whether the sender email configuration of wordpress is misconfigured?
aaPanel_Kern
Can you give me a hint on what to look? because it's happening only when I try to reject sending emails from the root.
That is the error that I'm receiving
Versions:
WordPress: 6.0.3
WordPress MS: No
PHP: 7.4.33
WP Mail SMTP: 3.8.0
Params:
Mailer: smtp
Constants: Yes
ErrorInfo: SMTP Error: The following recipients failed: recipient@me.com: : Sender address rejected: Server configuration error
Host: mail.mydomain.com
Port: 465
SMTPSecure: ssl
SMTPAutoTLS: bool(true)
SMTPAuth: bool(true)
Server:
OpenSSL: OpenSSL 1.0.2u 20 Dec 2019
Debug:
Email Source: WP Mail SMTP Pro
Mailer: Other SMTP
PHPMailer was able to connect to SMTP server but failed while trying to send an email.
Email Source: WP Mail SMTP Pro
Mailer: Other SMTP
SMTP Error: The following recipients failed: recipient@me.com: : Sender address rejected: Server configuration error
SMTP Debug:
2023-05-08 05:33:55 Connection: opening to ssl://mail.mydomain.com:465, timeout=300, options=array()
2023-05-08 05:33:55 Connection: opened
2023-05-08 05:33:55 SERVER -> CLIENT: 220 mail.mydomain.com ESMTP Postfix (3.4.7)
2023-05-08 05:33:55 CLIENT -> SERVER: EHLO tikair.co.il
2023-05-08 05:33:55 SERVER -> CLIENT: 250-mail.mydomain.com250-PIPELINING250-SIZE 102400000250-VRFY250-ETRN250-AUTH PLAIN LOGIN250-ENHANCEDSTATUSCODES250-8BITMIME250-DSN250-SMTPUTF8250 CHUNKING
2023-05-08 05:33:55 CLIENT -> SERVER: AUTH LOGIN
2023-05-08 05:33:55 SERVER -> CLIENT: 334 VXNlcm5hbWU6
2023-05-08 05:33:55 CLIENT -> SERVER: [credentials hidden]
2023-05-08 05:33:55 SERVER -> CLIENT: 334 UGFzc3dvcmQ6
2023-05-08 05:33:55 CLIENT -> SERVER: [credentials hidden]
2023-05-08 05:33:55 SERVER -> CLIENT: 235 2.7.0 Authentication successful
2023-05-08 05:33:55 CLIENT -> SERVER: MAIL FROM:noreply@mydomain.com
2023-05-08 05:33:55 SERVER -> CLIENT: 250 2.1.0 Ok
2023-05-08 05:33:55 CLIENT -> SERVER: RCPT TO:recipient@me.com
2023-05-08 05:33:55 SERVER -> CLIENT: 451 4.3.5 noreply@mydomain.com: Sender address rejected: Server configuration error
2023-05-08 05:33:55 SMTP ERROR: RCPT TO command failed: 451 4.3.5 noreply@mydomain.com: Sender address rejected: Server configuration error
2023-05-08 05:33:55 CLIENT -> SERVER: QUIT
2023-05-08 05:33:55 SERVER -> CLIENT: 221 2.0.0 Bye
2023-05-08 05:33:55 Connection: closed
SMTP Error: The following recipients failed: recipient@me.com: noreply@mydomain.com: Sender address rejected: Server configuration error
That my mail config
readme_directory = /usr/share/doc/postfix3-3.4.7/README_FILES
meta_directory = /etc/postfix
shlib_directory = /usr/lib/postfix
virtual_mailbox_domains = sqlite:/etc/postfix/sqlite_virtual_domains_maps.cf
virtual_alias_maps = sqlite:/etc/postfix/sqlite_virtual_alias_maps.cf, sqlite:/etc/postfix/sqlite_virtual_alias_domain_maps.cf, sqlite:/etc/postfix/sqlite_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps = sqlite:/etc/postfix/sqlite_virtual_mailbox_maps.cf, sqlite:/etc/postfix/sqlite_virtual_alias_domain_mailbox_maps.cf
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_use_tls = yes
smtp_tls_security_level = may
smtpd_tls_security_level = may
virtual_transport = lmtp:unix:private/dovecot-lmtp
message_size_limit = 102400000
smtpd_milters = inet:127.0.0.1:11332
non_smtpd_milters = inet:127.0.0.1:11332
milter_protocol = 6
milter_default_action = accept
default_process_limit = 100
smtpd_client_connection_count_limit = 10
smtpd_client_connection_rate_limit = 30
queue_minfree = 20971520
header_size_limit = 51200
smtpd_recipient_limit = 400
#smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
smtpd_tls_chain_files = /www/server/panel/plugin/mail_sys/cert/mydomain.com/privkey.pem,/www/server/panel/plugin/mail_sys/cert/mydomain.com/fullchain.pem
tls_server_sni_maps = hash:/etc/postfix/vmail_ssl.map
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
aaP_esales2000
Hello, is it normal for Send mail to use the relevant user to send mail in the mail server?
Is it normal to add a # comment to the configuration of milter_mail_macros and restart postfix?
- Edited
aaPanel_Kern
The email accounts that I'm using in WordPress is a General User ( info@mydomain.com and noreply@mydomain.com )
I comment milter_mail_macros...
I`m still getting the same error..