ossec-hids icon indicating copy to clipboard operation
ossec-hids copied to clipboard
verified publisher icon ossec

E-mail Alert not receiving from ossec server 3.6.0 on ubuntu 18.04.04

Open siddharth58 opened this issue 5 years ago • 9 comments

Hi, i have installed ossec 3.6.0 on ubuntu 18.04.04 on that time of installation of ossec i have entered my email id and smtp details.

now trying to change active alert setting and frequency setting . and also try to check smtp details but not successful.. need help..

siddharth58 avatar Mar 27 '20 11:03 siddharth58

Can you check the mail server's logs to see why it isn't working? Are there any maild logs in ossec.log?

ddpbsd avatar Mar 27 '20 17:03 ddpbsd

hi thank you very much for your reply.. yes i jave check its showing error in smtp. could you pls help me to resolve this , i'm new in this.

i have attached log file could pls guide me ..? thank you :) ossec.txt

siddharth58 avatar Mar 27 '20 18:03 siddharth58

So OSSEC expects a 220 from the smtpd when it connects. It throws the banner error when it doesn't get that.

ddpbsd avatar Mar 27 '20 19:03 ddpbsd

In this case should I change SMTP server config.or something else..

Thank you 😊

Get Outlook for Androidhttps://aka.ms/ghei36

From: Dan Parriott [email protected] Sent: Saturday, March 28, 2020, 12:47 AM To: ossec/ossec-hids Cc: sid; Author Subject: Re: [ossec/ossec-hids] E-mail Alert not receiving from ossec server 3.6.0 on ubuntu 18.04.04 (#1859)

So OSSEC expects a 220 from the smtpd when it connects. It throws the banner error when it doesn't get that.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/ossec/ossec-hids/issues/1859#issuecomment-605231815, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AO2EIKCLPGVCJ3PV5AZGLALRJT3TTANCNFSM4LU6IBPA.

siddharth58 avatar Mar 27 '20 19:03 siddharth58

I don't know how secureserver.net is setup. Look through their directions. I'm guessing you'll need auth though, so OSSEC will need some kind of relay to do that.

ddpbsd avatar Mar 27 '20 19:03 ddpbsd

Hi, thanks yes i have just mention smtp in email configuration. could you pls help me to add relay on OSSEC.

siddharth58 avatar Apr 01 '20 07:04 siddharth58

I don't think Ubuntu comes with an smtpd by default, so pick one and set it up as a relay.

ddpbsd avatar Apr 15 '20 11:04 ddpbsd

yes, i have installed sendmail and try to get email alert on my domain but failed then i try postfix. when i configure gmail account i get alerts but when i'm using my domain then its failed. so i think its issue of our smtp server.

siddharth58 avatar Apr 29 '20 10:04 siddharth58

Tagged as stale/closed if no further responses in 7 days

atomicturtle avatar Feb 21 '21 19:02 atomicturtle