[Zeek] No emails are received

Carlos Lopez clopmz at outlook.com
Sat Feb 29 07:25:00 PST 2020


Ok, running “sendmail -t -oi /var/zeek/spool/tmp/mail.1493.tmp”, does not return anything and email is not sent… and sendemail requires “from” and “to” options. Putting these options, it works …

--
Regards,
C. L. Martinez

From: <zeek-bounces at zeek.org> on behalf of James Lay <jlay at slave-tothe-box.net>
Reply to: "jlay at slave-tothe-box.net" <jlay at slave-tothe-box.net>
Date: Saturday, 29 February 2020 at 15:55
To: "zeek at zeek.org" <zeek at zeek.org>
Subject: Re: [Zeek] No emails are received

The aptly named "sendemail" works well:

http://caspian.dotconf.net/menu/Software/SendEmail/

I know it's in ubuntu's list, not sure on Redhat.

James

On Sat, 2020-02-29 at 08:11 -0500, Justin Azoff wrote:
That is the equivalent command for postfix.  All MTAs include a sendmail compatible binary.

On Saturday, February 29, 2020, Carlos Lopez <clopmz at outlook.com> wrote:

Thanks for your answer Justin. All my zeek hosts are installed with postfix (they are under RHEL 8.1). I am searching for an equivalent command with postfix but I can't find any…

--
Regards,
C. L. Martinez

From: Justin Azoff <justin at corelight.com>
Date: Friday, 28 February 2020 at 17:54
To: Carlos Lopez <clopmz at outlook.com>
Cc: "zeek at zeek.org" <zeek at zeek.org>
Subject: Re: [Zeek] No emails are received

On Thu, Feb 27, 2020 at 3:57 AM Carlos Lopez <clopmz at outlook.com> wrote:
Hi all,

 After re-installing my Zeek hosts to version 3.0.2 in my home lab, I haven't received any mail from cron task or any process/alert related to Zeek. But I see some emails queued in /var/zeek/spool/tmp directory like this:

-rw-r--r--. 1 zeek idps 296 Feb 27 07:30 mail.1493.tmp

 With the following content:

From: admin.zeek at domain.org
Subject: [Zeek] cron: expire-logs failed
To: myadmin at otherdomain.org
User-Agent: ZeekControl 2.0.0

expire-logs failed
expire-logs: directory not found: /var/zeek/logs/stats

creating directory for stats file: /var/zeek/logs/stats

--
[Automatically generated.]

what output if any do you get if you run

    sendmail -t -oi /var/zeek/spool/tmp/mail.1493.tmp

or whatever filename exists there.
the "To:" line in there is what it looks for, so that should be working..

--
Justin
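
Added example, not part of the original thread or of ZeekControl: a shell script that reports the recipient of each mail.*.tmp file left in a spool directory and resubmits it. sendmail -t takes the recipients from the message headers and reads the message itself from standard input, so each file is redirected in rather than passed as an argument. The function names, the MAILER variable and the sample addresses are assumptions made for this example.

```shell
#!/bin/sh
# MAILER (assumed name): any sendmail-compatible command that reads the
# message on standard input and takes recipients from its headers.
: "${MAILER:=sendmail -t -oi}"

# Print the value of one header, searching only the header block
# (everything before the first blank line). Folded lines are not handled.
mail_header() {  # usage: mail_header NAME FILE
    awk -v name="$1" '
        /^$/ { exit }   # blank line ends the headers
        tolower(substr($0, 1, length(name) + 1)) == (tolower(name) ":") {
            sub(/^[^:]*:[ \t]*/, ""); print; exit
        }' "$2"
}

# Resubmit every mail.*.tmp in a spool directory, one status line per file.
# Files without a To: header are skipped, because -t would find no recipient.
# Returns non-zero if any file was skipped or rejected by the mailer.
resubmit_spool() {  # usage: resubmit_spool SPOOL_DIR
    rc=0
    for f in "$1"/mail.*.tmp; do
        [ -f "$f" ] || continue
        to=$(mail_header To "$f")
        if [ -z "$to" ]; then
            echo "SKIP $f (no To: header)"; rc=1; continue
        fi
        if $MAILER < "$f"; then   # message goes in on stdin
            echo "SENT $f to=$to subject=$(mail_header Subject "$f")"
        else
            echo "FAIL $f (mailer exit $?)"; rc=1
        fi
    done
    return $rc
}

# Constructed sample data: one well-formed message, one with no recipient.
make_sample() {  # usage: make_sample DIR
    printf '%s\n' 'From: zeek@example.org' \
        'Subject: [Zeek] cron: expire-logs failed' \
        'To: admin@example.org' 'User-Agent: ZeekControl 2.0.0' '' \
        'expire-logs failed' 'X-Body: not a header' > "$1/mail.1.tmp"
    printf '%s\n' 'Subject: no recipient' '' 'body' > "$1/mail.2.tmp"
}
```

A FAIL line carries the mailer's exit status, which is the first thing to compare against the MTA's own log when a message is accepted by the command but never arrives.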


