Allow maild to send through a sendmail-like executable #689
Conversation
|
Here's a quick link to the second commit without whitespace changes. |
|
Rebased with minor simplification. |
|
Hold up, spotted an issue. I forgot to delete a symlink I initially placed to work around the chrooting. Small adjustment needed. |
|
Fixed! 😄 |
|
The third and fourth parameters to OS_ConnectTCP() should be dropped. |
|
@aquerubin, I haven't added or changed any |
|
On Wed, 2 Dec 2015, James Le Cuirot wrote:
@aquerubin, I haven't added or changed any `OS_ConnectTCP()` lines so
that is a separate concern.
Understood. I'm referring to the merge conflicts with the current
master source.
Antonio Querubin
e-mail: [email protected]
xmpp: [email protected]
|
We will want to do one but not the other.
Users have long called for TLS support when sending mail from OSSEC. This is not trivial to add directly but this commit enables that support by delegating the task to a sendmail-like executable such as SSMTP or Msmtp. maild detects this mode of operation by checking for a / at the start of the smtp_server setting. It uses popen to launch the executable and passes the raw message to it via stdin. sendmail's -t argument tells it to parse the headers given in the message so smtp_server will typically be set to something like /usr/sbin/sendmail -t. In order for this to work, maild needs to be started without chrooting as it traditionally has done. It will therefore no longer chroot if it detects a / at the start of smtp_server. Privilege separation is still possible, hence the previous commit. It is best to view this commit with --ignore-all-space as there are far few changes than the regular diff would imply.
|
Okay, I see. I've rebased it now then. |
Allow maild to send through a sendmail-like executable
|
I tried to use msmtp in ossec.conf. If I use msmtp from command line its working fine from me but mail are not being sent from ossec at all.
ossec is running fine as well. Am I missing anything ? |
|
Are you using 2.9.0? It's not in earlier versions. We're still using this with ssmtp but we're still using our custom 2.8.3 build rather than 2.9.0. Are you setting smtp_server to Some distros install these binaries with SGID but some don't, requiring you to be in a particular group so check the permissions. |
|
I am using 2.9.0 only and trying to run ossec as root user in Ubuntu 16.04 linux server. I tried using |
|
You may start it as root but it'll drop privileges to other users. I think |
|
Could you please let me know which permission
|
|
That's not what SGID means. Check with If it is set then you shouldn't need to do anything. If it's not set then you should add the |
|
Thanks @chewi. It was permission issue only. Its working fine now. |
|
Hi! |
|
I can't remember where ossecm logs to off the top of my head, if anywhere. Check the syslog and main OSSEC log. Also check that your configuration would cause it to mail anything at all. |
|
Here is my ossec.conf fragment: Finally, I have msmtp working from the command line, and with other daemons without any problem. |
|
Nevermid, I replaced mSMTP with Postfix and everything is working fine now. Thanks for helping me. |
Users have long called for TLS support when sending mail from OSSEC. This is not trivial to add directly but this commit enables that support by delegating the task to a sendmail-like executable such as SSMTP or Msmtp.
maild detects this mode of operation by checking for a / at the start of the smtp_server setting. It uses popen to launch the executable and passes the raw message to it via stdin. sendmail's -t argument tells
it to parse the headers given in the message so smtp_server will typically be set to something like
/usr/sbin/sendmail -t.In order for this to work, maild needs to be started without chrooting as it traditionally has done. It will therefore no longer chroot if it detects a / at the start of smtp_server.
It is best to view this commit with
--ignore-all-spaceas there are far few changes than the regular diff would imply.