Related

Emails from Iredmail are landing into SPAM folder Question Question
SMTP send mail connection timed out Question Question

Question

How do i uninstall Postfix. Will Fail2Ban still be able to email me?

Posted October 8, 2015 16.8k views
EmailDigitalOcean

I setup mailgun to forward my emails to gmail. I use gmail aliases to send emails from my domains. Mailgun.com is a free alternative to using google apps.

1.) How do i uninstall postfix?
2.) Will fail2ban still be able to email me if i do uninstall postfix?
3.) Can i remove pop3 110, 995 ports from firewall?
4.) Can i remove imap ports 83, 587 from firewall?
5.) Can i remove SMTP port 25 from firewall?
I have a ubuntu 14.04 LEMP server.

Add a comment
desiredpersona
By:
desiredpersona
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
kamaln7 October 8, 2015

Hi,

1.) How do i uninstall postfix?

You can uninstall Postfix by running:

sudo apt-get remove postfix

2.) Will fail2ban still be able to email me if i do uninstall postfix?

By default, no. fail2ban needs a Mail Transfer Agent such as Postfix in order to send emails.

However, you can disable email notifications and set up a script that sends email alerts through Mailgun whenever a host is banned or unbanned:

3.) Can i remove pop3 110, 995 ports from firewall?
4.) Can i remove imap ports 83, 587 from firewall?
5.) Can i remove SMTP port 25 from firewall?

Once you’ve uninstalled Postfix, yes, you can safely remove them. To make sure that they are not used anymore, run the following command which lists all open/active ports along with the processes that are bound to them:

sudo netstat -plutn
Reply Report
  • desiredpersona October 8, 2015

    Thanks Kamal. I owe you one :)

    Reply Report
  • desiredpersona October 9, 2015

    Hi Kamal,

    Im having trouble understanding the following part of the mailgun fail2ban tutorial.
    Could you please explain the following steps.

    Define a new action in fail2ban at: /etc/fail2ban/action.d/mailgun.conf Do i just create a file at this location with the following code?

    [Definition]
actionstart =
actionstop =
actioncheck =
actionban = /usr/local/bin/fail2ban-mailgun/mail.sh ban
actionun = /usr/local/bin/fail2ban-mailgun/mail.sh unban

    Modify or add an action entry in the jail you wish to configure. We’re assuming that you’ve copied jail.conf to jail.local and will be adding this rule to the SSH jail entry. Not sure what this means?

    [ssh]

enabled  = true
port     = ssh
filter   = sshd
logpath  = /var/log/auth.log
maxretry = 6
action = %(action_)s
    mailgun

    The last part states to set the action to the default action variable, likely defined above in your jail.local file, and then to add the mailgun action to the ban process. No idea what i need to do here?

    Reply Report
    • desiredpersona October 9, 2015

      I have done the following so far
      1.) Upload mailgunapi.default.conf to /etc/ directory and change filename to mailgunapi.conf

      2.) Edited the mailgun_api.conf file and added my Mailgun API details.

      3.) I created a new file at /etc/fail2ban/action.d/ called mailgun.conf and added the following

      [Definition]
actionstart =
actionstop =
actioncheck =
actionban = /usr/local/bin/fail2ban-mailgun/mail.sh ban
actionun = /usr/local/bin/fail2ban-mailgun/mail.sh unban

      4.) Created directory /usr/local/bin/fail2ban-mailgun/ and uploaded mail.sh

      5.) I have already copied fail2ban’s jail.conf to jail.local. I have added this rule to the SSH jail entry.

      [ssh]

enabled  = true
port     = ssh
filter   = sshd
logpath  = /var/log/auth.log
maxretry = 6
<^>action = %(action_)s
    mailgun<^>

      Is this correct?

      After restarting fail2ban i get the following error

      WARNING 'actionunban' not defined in 'Definition'. Using default one: ''
      Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help