How do i uninstall Postfix. Will Fail2Ban still be able to email me?

October 8, 2015 4k views
DigitalOcean Email

I setup mailgun to forward my emails to gmail. I use gmail aliases to send emails from my domains. Mailgun.com is a free alternative to using google apps.

1.) How do i uninstall postfix?
2.) Will fail2ban still be able to email me if i do uninstall postfix?
3.) Can i remove pop3 110, 995 ports from firewall?
4.) Can i remove imap ports 83, 587 from firewall?
5.) Can i remove SMTP port 25 from firewall?
I have a ubuntu 14.04 LEMP server.

1 Answer

Hi,

1.) How do i uninstall postfix?

You can uninstall Postfix by running:

sudo apt-get remove postfix

2.) Will fail2ban still be able to email me if i do uninstall postfix?

By default, no. fail2ban needs a Mail Transfer Agent such as Postfix in order to send emails.

However, you can disable email notifications and set up a script that sends email alerts through Mailgun whenever a host is banned or unbanned:

3.) Can i remove pop3 110, 995 ports from firewall?
4.) Can i remove imap ports 83, 587 from firewall?
5.) Can i remove SMTP port 25 from firewall?

Once you've uninstalled Postfix, yes, you can safely remove them. To make sure that they are not used anymore, run the following command which lists all open/active ports along with the processes that are bound to them:

sudo netstat -plutn
  • Thanks Kamal. I owe you one :)

  • Hi Kamal,

    Im having trouble understanding the following part of the mailgun fail2ban tutorial.
    Could you please explain the following steps.

    Define a new action in fail2ban at: /etc/fail2ban/action.d/mailgun.conf Do i just create a file at this location with the following code?

    [Definition]
    actionstart =
    actionstop =
    actioncheck =
    actionban = /usr/local/bin/fail2ban-mailgun/mail.sh ban
    actionun = /usr/local/bin/fail2ban-mailgun/mail.sh unban
    

    Modify or add an action entry in the jail you wish to configure. We're assuming that you've copied jail.conf to jail.local and will be adding this rule to the SSH jail entry. Not sure what this means?

    [ssh]
    
    enabled  = true
    port     = ssh
    filter   = sshd
    logpath  = /var/log/auth.log
    maxretry = 6
    action = %(action_)s
        mailgun
    

    The last part states to set the action to the default action variable, likely defined above in your jail.local file, and then to add the mailgun action to the ban process. No idea what i need to do here?

    • I have done the following so far
      1.) Upload mailgunapi.default.conf to /etc/ directory and change filename to mailgunapi.conf

      2.) Edited the mailgun_api.conf file and added my Mailgun API details.

      3.) I created a new file at /etc/fail2ban/action.d/ called mailgun.conf and added the following

      [Definition]
      actionstart =
      actionstop =
      actioncheck =
      actionban = /usr/local/bin/fail2ban-mailgun/mail.sh ban
      actionun = /usr/local/bin/fail2ban-mailgun/mail.sh unban
      

      4.) Created directory /usr/local/bin/fail2ban-mailgun/ and uploaded mail.sh

      5.) I have already copied fail2ban's jail.conf to jail.local. I have added this rule to the SSH jail entry.

      [ssh]
      
      enabled  = true
      port     = ssh
      filter   = sshd
      logpath  = /var/log/auth.log
      maxretry = 6
      <^>action = %(action_)s
          mailgun<^>
      

      Is this correct?

      After restarting fail2ban i get the following error

      WARNING 'actionunban' not defined in 'Definition'. Using default one: ''
      
Have another answer? Share your knowledge.