This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

How to forward all root server security emails to outside email address?
#1
How to forward all root server security emails to outside email address?
So I have noticed that my mailq deferred list has a lot of emails in it that are supposed to be going to the root user, but since the root user is pointing to the local hostname which doesn't exist outside of the server, these messages are going undelivered.

For example, mailq looks like this:

root@panel:~# mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
3FCDA148331 571 Sun May 3 12:46:40 testuser@panel.mydomain.com
(mail for panel.mydomain.com loops back to myself)
root@panel.mydomain.com

So, at first there was a bunch of emails in here trying to be sent to root@panel.mydomain.com, which doesn't exist. It's just the local hostname of the server. These were error notifications being created by cron. So I was able to fix that by editing crontab -e and adding:

# Set Mailto Address for Cron Errors
MAILTO="myemail@gmail.com"

now all cron error emails go to my gmail account and all is good. However, this only affects cron of course. So now when there is a general security issue on the site, such as a user attempting to do something they shouldn't, it says attempt logged and will be notified. Then an email is made to be sent to the root user to notify of the security issue.

I have searched high and dry and cannot figure out how to just get this darn thing to forward any emails for root to a real email address. Anyone know how I can do this?

I found online a few suggestions, but none of them seemed to work. For example:
1.) editing /etc/aliases and adding:
root: myemail@gmail.com
then running "newaliases" and then service postfix restart.

Emails are still being attempted at root@mydomain.com

2.) creating a forward file
# cd ~
# nano .forward
adding one line with "myemail@gmail.com"
saving the file

Alerts still get generated to the root@mydomain.com address.

Any idea on what I am doing wrong? Is there a setting in Sentora that is overwriting what I am doing?

Please help...thank you!
Reply
Thanks given by:
#2
RE: How to forward all root server security emails to outside email address?
Just for reference...I tried this...and it's not working. I'm assuming Sentora is over-riding something??

http://blog.bobbyallen.me/2013/02/03/how...-on-linux/
Reply
Thanks given by:
#3
RE: How to forward all root server security emails to outside email address?
Solution is postfix transport:

http://www.postfix.org/transport.5.html

M B
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Reply
Thanks given by:
#4
RE: How to forward all root server security emails to outside email address?
Hi everyone,

I posted this question on stackoverflow to get more visibility and was able to solve this problem quickly with just the modification of the main.cf file of postfix.

Basically, the issue is that postfix ignores the .forward file because it thinks it's sending this email to an external address/domain. Hence the error message:

95706148387 2588 Mon May 4 03:41:22 MAILER-DAEMON
(mail for panel.myrealdomain.com loops back to myself)
root@panel.myrealdomain.com

So basically you need to inform the server that the panel.myrealdomain.com is, in fact the internal domain or local hostname. Not sure why this doesn't get setup by default with Sentora as it would seem this should be something that is configured when installing the server.

So if I run hostname in the terminal, the output is panel.mydomain.com. So emails being sent to root@panel.mydomain.com get stuck in this loop in the mailq as deferred because they can't be sent. The .forward file gets ignored because it thinks it's an external domain, only internal (local) domains reference the .forward file.

So all you have to do is edit the file /etc/postfix/main.cf

search for mydestinations, you will see something like this:
mydestination = localhost.$mydomain, localhost

now edit this line to include your domain/hostname:
mydestination = panel.mydomain.com, localhost.$mydomain, localhost

Save the file and you should be good to go. Do a test by sending a test mail to user root. It should arrive into the inbox of the email address you listed in .forward file for the root user. Bam!

check here for additional information: http://stackoverflow.com/questions/30021...S#30021216>
Reply
Thanks given by:
#5
RE: How to forward all root server security emails to outside email address?
Ok will check this issue.

M B
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Reply
Thanks given by: americanninja


Possibly Related Threads…
Thread Author Replies Views Last Post
Email has suddenly stopped coming through rsthomas 4 4 ,681 10-12-2022, 09:29 PM
Last Post: rsthomas
Why can i not send emails from my site phabeon8 3 6 ,383 04-20-2021, 06:29 AM
Last Post: sparkrack
External mail client cannot connect to server iraqiboy90 2 6 ,147 02-28-2021, 11:34 AM
Last Post: iraqiboy90

Forum Jump:


Users browsing this thread: 1 Guest(s)