[Zeek] No emails are received

James Lay jlay at slave-tothe-box.net
Sat Feb 29 06:52:58 PST 2020 

The aptly named "sendemail" works well:

http://caspian.dotconf.net/menu/Software/SendEmail/

I know it's in ubuntu's list, not sure on Redhat.

James
On Sat, 2020-02-29 at 08:11 -0500, Justin Azoff wrote:
> That is the equivalent command for postfix.  All MTAs include a
> sendmail compatible binary.
> 
> On Saturday, February 29, 2020, Carlos Lopez <clopmz at outlook.com>
> wrote:
> > 
> > 
> > 
> > 
> > 
> > 
> > Thanks for your answer Justin. All my zeek hosts are installed with
> > postfix (they are under RHEL 8.1). I am searching about an
> > equivalent command with postfix but I can't find any….
> >  
> > 
> > -- 
> > 
> > Regards,
> > 
> > 
> > C. L. Martinez
> >  
> > 
> > From: Justin Azoff <justin at corelight.com>
> > 
> > Date: Friday, 28 February 2020 at 17:54
> > 
> > To: Carlos Lopez <clopmz at outlook.com>
> > 
> > Cc: "zeek at zeek.org" <zeek at zeek.org>
> > 
> > Subject: Re: [Zeek] No emails are received
> > 
> > 
> >  
> > 
> > 
> > 
> > On Thu, Feb 27, 2020 at 3:57 AM Carlos Lopez <clopmz at outlook.com>
> > wrote:
> > 
> > 
> > > Hi all,
> > > 
> > > 
> > > 
> > >  After re-installing my Zeek hosts to version 3.0.2 in my home
> > > lab, I haven't received any mail from cron task or any
> > > process/alert related to Zeek. But I see some emails queued in
> > > /var/zeek/spool/tmp directory like this:
> > > 
> > > 
> > > 
> > > -rw-r--r--. 1 zeek idps 296 Feb 27 07:30 mail.1493.tmp
> > > 
> > > 
> > > 
> > >  With the following content:
> > > 
> > > 
> > > 
> > > From: admin.zeek at domain.org
> > > 
> > > Subject: [Zeek] cron: expire-logs failed
> > > 
> > > To: myadmin at otherdomain.org
> > > 
> > > User-Agent: ZeekControl 2.0.0
> > > 
> > > 
> > > 
> > > expire-logs failed
> > > 
> > > expire-logs: directory not found: /var/zeek/logs/stats
> > > 
> > > 
> > > 
> > > creating directory for stats file: /var/zeek/logs/stats
> > > 
> > > 
> > > 
> > > --
> > > 
> > > [Automatically generated.]
> > 
> >  
> > 
> > 
> > what output if any do you get if you run
> > 
> > 
> >  
> > 
> > 
> >     sendmail -t -oi /var/zeek/spool/tmp/mail.1493.tmp
> > 
> > 
> > 
> >  
> > 
> > 
> > or whatever filename exists there.
> > 
> > 
> > the "To:" line in there is what it looks for, so that should be
> > working..
> > 
> > 
> >  
> > 
> > -- 
> > 
> > 
> > Justin
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> 
> _______________________________________________Zeek mailing
> listzeek at zeek.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/zeek


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20200229/b9c94f40/attachment-0001.html

More information about the Zeek mailing list