How do i uninstall Postfix. Will Fail2Ban still be able to email me?

October 8, 2015 7.2k views
DigitalOcean Email
desiredpersona
By:
desiredpersona

I setup mailgun to forward my emails to gmail. I use gmail aliases to send emails from my domains. Mailgun.com is a free alternative to using google apps.

1.) How do i uninstall postfix?
2.) Will fail2ban still be able to email me if i do uninstall postfix?
3.) Can i remove pop3 110, 995 ports from firewall?
4.) Can i remove imap ports 83, 587 from firewall?
5.) Can i remove SMTP port 25 from firewall?
I have a ubuntu 14.04 LEMP server.

Log In to Comment
1 Answer
kamaln7 MOD October 8, 2015

Hi,

1.) How do i uninstall postfix?

You can uninstall Postfix by running:

sudo apt-get remove postfix

2.) Will fail2ban still be able to email me if i do uninstall postfix?

By default, no. fail2ban needs a Mail Transfer Agent such as Postfix in order to send emails.

However, you can disable email notifications and set up a script that sends email alerts through Mailgun whenever a host is banned or unbanned:

3.) Can i remove pop3 110, 995 ports from firewall?
4.) Can i remove imap ports 83, 587 from firewall?
5.) Can i remove SMTP port 25 from firewall?

Once you've uninstalled Postfix, yes, you can safely remove them. To make sure that they are not used anymore, run the following command which lists all open/active ports along with the processes that are bound to them:

sudo netstat -plutn
Reply
  • desiredpersona October 8, 2015

    Thanks Kamal. I owe you one :)

  • desiredpersona October 9, 2015

    Hi Kamal,

    Im having trouble understanding the following part of the mailgun fail2ban tutorial.
    Could you please explain the following steps.

    Define a new action in fail2ban at: /etc/fail2ban/action.d/mailgun.conf Do i just create a file at this location with the following code?

    [Definition]
actionstart =
actionstop =
actioncheck =
actionban = /usr/local/bin/fail2ban-mailgun/mail.sh ban
actionun = /usr/local/bin/fail2ban-mailgun/mail.sh unban

    Modify or add an action entry in the jail you wish to configure. We're assuming that you've copied jail.conf to jail.local and will be adding this rule to the SSH jail entry. Not sure what this means?

    [ssh]

enabled  = true
port     = ssh
filter   = sshd
logpath  = /var/log/auth.log
maxretry = 6
action = %(action_)s
    mailgun

    The last part states to set the action to the default action variable, likely defined above in your jail.local file, and then to add the mailgun action to the ban process. No idea what i need to do here?

    • desiredpersona October 9, 2015

      I have done the following so far
      1.) Upload mailgunapi.default.conf to /etc/ directory and change filename to mailgunapi.conf

      2.) Edited the mailgun_api.conf file and added my Mailgun API details.

      3.) I created a new file at /etc/fail2ban/action.d/ called mailgun.conf and added the following

      [Definition]
actionstart =
actionstop =
actioncheck =
actionban = /usr/local/bin/fail2ban-mailgun/mail.sh ban
actionun = /usr/local/bin/fail2ban-mailgun/mail.sh unban

      4.) Created directory /usr/local/bin/fail2ban-mailgun/ and uploaded mail.sh

      5.) I have already copied fail2ban's jail.conf to jail.local. I have added this rule to the SSH jail entry.

      [ssh]

enabled  = true
port     = ssh
filter   = sshd
logpath  = /var/log/auth.log
maxretry = 6
<^>action = %(action_)s
    mailgun<^>

      Is this correct?

      After restarting fail2ban i get the following error

      WARNING 'actionunban' not defined in 'Definition'. Using default one: ''
Have another answer? Share your knowledge.

Related Questions