E-mail Alert not receiving from ossec server 3.6.0 on ubuntu 18.04.04

ossec / ossec-hids

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

http://www.ossec.net

Other

4.52k stars 1.04k forks source link

E-mail Alert not receiving from ossec server 3.6.0 on ubuntu 18.04.04 #1859

Open siddharth58 opened 4 years ago

siddharth58 commented 4 years ago

Hi, i have installed ossec 3.6.0 on ubuntu 18.04.04 on that time of installation of ossec i have entered my email id and smtp details.

now trying to change active alert setting and frequency setting . and also try to check smtp details but not successful.. need help..

ddpbsd commented 4 years ago

Can you check the mail server's logs to see why it isn't working? Are there any maild logs in ossec.log?

siddharth58 commented 4 years ago

hi thank you very much for your reply.. yes i jave check its showing error in smtp. could you pls help me to resolve this , i'm new in this.

i have attached log file could pls guide me ..? thank you :) ossec.txt

ddpbsd commented 4 years ago

So OSSEC expects a 220 from the smtpd when it connects. It throws the banner error when it doesn't get that.

siddharth58 commented 4 years ago

In this case should I change SMTP server config.or something else..

Thank you 😊

Get Outlook for Androidhttps://aka.ms/ghei36

From: Dan Parriott notifications@github.com Sent: Saturday, March 28, 2020, 12:47 AM To: ossec/ossec-hids Cc: sid; Author Subject: Re: [ossec/ossec-hids] E-mail Alert not receiving from ossec server 3.6.0 on ubuntu 18.04.04 (#1859)

So OSSEC expects a 220 from the smtpd when it connects. It throws the banner error when it doesn't get that.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/ossec/ossec-hids/issues/1859#issuecomment-605231815, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AO2EIKCLPGVCJ3PV5AZGLALRJT3TTANCNFSM4LU6IBPA.

ddpbsd commented 4 years ago

I don't know how secureserver.net is setup. Look through their directions. I'm guessing you'll need auth though, so OSSEC will need some kind of relay to do that.

siddharth58 commented 4 years ago

Hi, thanks yes i have just mention smtp in email configuration. could you pls help me to add relay on OSSEC.

ddpbsd commented 4 years ago

I don't think Ubuntu comes with an smtpd by default, so pick one and set it up as a relay.

siddharth58 commented 4 years ago

yes, i have installed sendmail and try to get email alert on my domain but failed then i try postfix. when i configure gmail account i get alerts but when i'm using my domain then its failed. so i think its issue of our smtp server.

atomicturtle commented 3 years ago

Tagged as stale/closed if no further responses in 7 days