I'm going through the linux hardening checklist, and the only bit I'm having trouble with is how to configure syslogd to email daily reports to my email. my mta is postfix
How do I do this? Or should I ask... where is the HOWTO?
I am unable to find the syslogd files. Ubuntu 9.1 installed. Logging is taking place. I want to redirect logging to central location. Do I need to install syslogd in order to control this service or is it controled via a different name/service?
View 1 Replies View Relatedi want to use an ubuntu server (2.6.31-17-generic #54-Ubuntu SMP) as the central syslog server but the syslog messages does not show the priority and facility information in ubuntu. priority and facility are shown in aix by default and i have many aix servers can be used as the central syslog server, but i prefer using ubuntu if it can provide me these details.
View 3 Replies View RelatedI have read in some book that syslogd keeps lots of logs that with the time consume a considerably part of your hard drive. I know this is very nice feature and all that, but sometimes privacy in this competitive world is a matter fact. Here goes the questions: Is it possible to 'auto delete' the syslogd files automatically? May the destruction of the logs make some hangs on my system? May some program need the daemon to function properly?
View 1 Replies View RelatedIs their a more secure way to handle logwatch reports, rather than using email?
View 5 Replies View RelatedWe have following setup,
1. Webserver (Centos 5.5)
2. Mail server (Centos 5.5)
We have configured autossh successfully to create/manage the ssh tunnel into mail server in order to dump all emails to localhost port.
To auto start autossh in boot time we have included following into /etc/rc.d/rc.local,
Quote:
So whenever our web application wants to send out emails it dump all emails to localhost:33465 port, easy piecy, all are working great
Now we have a requirement that logwatch reports should get delivered via the same ssh tunnel rather than installing postfix and configuring as a relay.
In logwatch is there a way to achieve that?
My system started running at 75 % CPU (its normally 20%), so I opened a terminal and looked at 'top', there are many processes running as root, the one thats sucking the CPU is this:'user'- root, 'pid'-2963, 'command'-X. below that there are a few processes of my user account, then alot more 'root' processes.
View 2 Replies View RelatedI recently ran a rkhunter check and in my log i have found some very odd (to me at least) reports.
/usr/bin/last [ Warning ]
Warning: The file properties have changed:
File: /usr/bin/last
[code]....
I got the following task from my boss. I have to find out if there is some alternative tool for create reports from Squid except SARG. Now, we use SARG, but my boss told to me, that the main problem of SARG is, that SARG generate huge amount files, which cause problems during migration our servers. He told to me the following condition for change of current tool (SARG):
* standard package of Debian
* generate less amount of files, optimal is to save reports to the database
So I would like to ask you if you know about some tool (I can not find some by google)... and the best would be if you told to me some practical experiences.
I have Ubuntu 11 up-to-date, on an Asus EEEPC Netbook. I can't configure Evolution, because the screen resolution is small and the window goes beyond the screen, the buttons are not visible. The window cannot be resized.
View 3 Replies View Relatedhow to configure linux for email to send andplz alos guide me what will be the command for
sending? am using oracle linux version 5.5.19 enterprise edition.
Can I configure email forwarder in Webmin?
View 1 Replies View RelatedI have installed nagios in centos and its working fine.
I need to configure email alerts for nagios.
I have already configured nagios to send email alerts for warning,critical and recovery for 24/7.
1) i need to configure nagios to send email alerts twice a day
a) morning at 8am
b) evening at 6pm
2)i need nagios to send email alerts only "current status" of the host and services twice a day (morning and evening).
I have CentOS 5.3 ISPConfig 3 installed. I have noticed that some mail I sent out were lost. Expecially, email with subject like "a" or "aa". I think Amavis block my email. Please tell me how to configure amavis to allow all outgoing email by postfix?
View 1 Replies View RelatedI'm experimenting with with mail-servers now and I'm trying to configure postfix to send emails from one email(pop3 is gmail) to any email outside the local network. Server is Ubuntu 10.10 with the last updates.
View 1 Replies View RelatedSo I have two servers in my environment, I have an app server that runs my Java App on it and then I have a utility server. Right now, I have that utility server acting as a simple mail gateway so when my app server needs to send an e-mail out, it forwards it to the utility server and the utility server sends it out to where-ever it's destined to. The Java server always sends as one specific user, let's call it bob@company.com.
This set-up is working just fine right now. Now, I also have my company.com e-mail hosted at an e-mail provider for all of my user's e-mail accounts and such. I also have a bob@company.com e-mail account so if e-mails ever bounce, they end up in this inbox. Again, this works fine.
My app is pretty email dumb so it can't authenticate itself or anything, that's why I am using sendmail on my utility server instead of my e-mail provider's SMTP server. What I would like to do is to configure sendmail to forward all outbound e-mails (and authenticate) to my e-mail provider's SMTP gateway using the bob@company.com account and credentials. Is it possible to configure sendmail to do this?
Basically i have no idea to provide proper information in the setup wizerd.
View 4 Replies View RelatedI have a problem sending emails in the command line. I have introduced this command:
sendEmail -f my.account@gmail.com -t myself@domain.tld
-u this is the test tile -m "this is a test message"
-s smtp.gmail.com
-o tls=yes
-xu usernameonly -xp mypasswd
But then I received this message:
sendEmail[13230]: ERROR => Connection attempt to smtp.gmail.com:25 failed: IO::Socket::INET: connect: Connection timed out
I have configured the postix email server in Centos. Its working fine with Squirrel mail client. But If I configured in microsoft Outlook. it is working. with this post I have attached the error message. Please let me know solution.I am getting this error message while I check the SMTP authentication in outgoing server tab on outlook account setting configuration.If I send any email It will bounce and came to to inbox
View 1 Replies View RelatedI'm not trying to setup a email server. ;) Firewall is set to disabled. SELinux is set to disabled.. How can i configure (which file?) the server to be able to send email out? When I try "mail -s testmail myemail@[URL]" and enter some text and then CTRL+D.. and return, I get command prompt again..
[Code]...
It's possible to configure Postfix in order to check spam only for outgoing email?
View 2 Replies View Relatedhow to configure CenterIM so that it shows my contacts nickname instead of their email addresses?
View 1 Replies View RelatedI have an issue with sendmail. I need to configure sendmail to send email from command prompt to any domain. This is just for the notification purpose. I installed sendmail and sendmail-cf and sm-client. The following are the configuration I have done.
/etc/mail/sendmail.mc
1) dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
2) m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
3) /etc/hosts = 127.0.0.1 localhost.localdomain
/etc/hosts = 192.168.2.50 mysystem
4) /etc/hosts.allow = sendmail:ALL
[Code].....
I am trying to configure virtual alias using regular expression.
For example :
Email send to user.1@example.com and user.2@example.com will deliver to user mailbox.
Email send to user2.1@example.com and user2.2@example.com will deliver to user2 mailbox.
And the numbers or alphabet in between user name and the domain will be vary , I can't just do a normal alias.
I been try to play around with main.cf and the virtual alias table but still not able to get work. So I am not sure is the main.cf didnt configure correctly or the regular expression is not working.
I'm trying to set up a basic smtp server on my local computer that I can send basic, unencrypted email through on port 25. I installed postfix, and I chose the following options:
Internet Site,
System Mail Name: localhost
Root and postmaster mail recipient: I left this blank
For other domains to accept mail, I entered : NONE, localhost
No force synchronous mail updates
Local networks: 127.0.0.0/8
[Code].....
dammit... all that typing and I hit the wrong "submit" button. *sigh*
Ok, I have a couple of SMTP servers for our infrastructure. They are running Postfix. I have them configured so that specific email addresses such as support@mydomain.com and billing@mydomain.com all go to a new support server that I am building with osTicket. Lets call that server SUPP1.
SUPP1 runs sendmail from the default install of CentOS 5 i386. At this point everything runs great. New emails get added into the osTicket system via a pipe in sendmail. Here's where the problem comes in. In order to accept mail, sendmail has to have the domain listed in local-host-names and the addresses in virtusertable. That works just dandy. But in doing so, sendmail believes it is the destination SMTP server for "mydomain.com". That means that I can't send mail from that server back into my normal SMTP servers. So things like the LogWatch, cron jobs, etc can't send notifications. Is there a way to work around that? For sendmail to ignore local-host-names for outbound email or something?
Last night I received the classic rkhunter's email with several warnings inside:
Quote:
Warning:
Warning:
Warning:
and so on..
Why rkhunter isn't able to calculate the hash of those files and compare it with the stored one?
Other strange thing: for the "good" file, the hash is often different!
For example, in the last rkhunter.log, /bin/awk is "good".
But:
Quote:
Quote:
So, if the sha1sum is different, why rkhunter tell me that awk is secure?
I know this is probably easy and if I only took a while to figure it out maybe I could but I have some stuff that needs to happen soon and I can't figure this out. I was wondering how I could have a log monitor that would email me whenever someone tries to login over ssh to my system. I'm open to everything daemons/scripts or cron itl works as I am not running a production server (but I might be starting that soon). Oh and just a side how do I get sent an email when I get port scanned
View 6 Replies View RelatedTo get my Thunderbird email to work and to do FTP to my website I have to use TERMINAL and enter the following code in Root;
iptables -F
At one point weeks ago I got Gufw and I don't remember if that had any effect.
Unable to send mail thus adjust protocol port and it worked. Things moving slow on computer. Thus ran clamtk virus scanner. It found a virus. Tried to quarantine it but not successful. Have GUI version 4.15 Antivirus engine .95.3. Virus is located at
/home/kim/.mozilla-thunderbird/zrlm4cOj.default/Mail/LocalFolders/Inbox Phishing.Heristics.Email.SpoofedDomain
What do I do to get rid of it?