Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't send SMTP emails #127

Open
sebas05000 opened this issue Jun 25, 2022 · 1 comment · May be fixed by #169
Open

Can't send SMTP emails #127

sebas05000 opened this issue Jun 25, 2022 · 1 comment · May be fixed by #169
Labels
kind/bug

Comments

@sebas05000
Copy link

Behavior

Steps to reproduce this issue

  1. Try to ban my IP
  2. fail2ban tries to send an email but it fails
  3. Checking my SMTP server shows that the username or password is incorrect even so everything is correct

Expected behavior

Emails would send without any issues

Actual behavior

Emails not being sent

Configuration

  • Docker version (type docker --version) : 20.10.3
  • Docker compose version if applicable (type docker-compose --version) : 1.28.5
  • Platform (Debian 9, Ubuntu 18.04, ...) : SynologyNAS
  • System info (type uname -a) : Linux SynologyN 4.4.180+ #42661 SMP Fri Apr 1 15:33:03 CST 2022 x86_64 GNU/Linux synology_geminilake_920+
  • Include all necessary configuration files : docker-compose.yml, .env, ...

fail2ban-compose.yml.txt
vaultwarden-admin.conf.txt
vaultwarden.conf.txt
vaultwarden.local.txt
vaultwarden2.conf.txt
vaultwarden-admin2.conf.txt

Docker info

> Client:
 Context:    default
 Debug Mode: false

Server:
 Containers: 5
  Running: 4
  Paused: 0
  Stopped: 1
 Images: 9
 Server Version: 20.10.3
 Storage Driver: btrfs
  Build Version: Btrfs v4.0
  Library Version: 101
 Logging Driver: db
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs db fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 3fa00912415f3e9c6f82dd72119179d599efd13b
 runc version: 31cc25f16f5eba4d0f53e35374532873744f4b31
 init version: ed96d00 (expected: de40ad0)
 Security Options:
  apparmor
 Kernel Version: 4.4.180+
 Operating System:  (containerized)
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 11.54GiB
 Name: Synology
 ID: [REDACTED]
 Docker Root Dir: /volume1/@docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Live Restore Enabled: false

Logs

> 2022-06-24 22:24:10,202 fail2ban.server         [1]: INFO    --------------------------------------------------
2022-06-24 22:24:10,202 fail2ban.server         [1]: INFO    Starting Fail2ban v0.11.2
2022-06-24 22:24:10,206 fail2ban.observer       [1]: INFO    Observer start...
2022-06-24 22:24:10,212 fail2ban.database       [1]: INFO    Connected to fail2ban persistent database '/data/db/fail2ban.sqlite3'
2022-06-24 22:24:10,220 fail2ban.database       [1]: WARNING New database created. Version '4'
2022-06-24 22:24:10,221 fail2ban.jail           [1]: INFO    Creating new jail 'vaultwarden-admin'
2022-06-24 22:24:10,233 fail2ban.jail           [1]: INFO    Jail 'vaultwarden-admin' uses pyinotify {}
2022-06-24 22:24:10,234 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend
2022-06-24 22:24:10,242 fail2ban.filter         [1]: INFO      maxRetry: 2
2022-06-24 22:24:10,242 fail2ban.filter         [1]: INFO      findtime: 86400
2022-06-24 22:24:10,246 fail2ban.actions        [1]: INFO      banTime: 2292000
2022-06-24 22:24:10,246 fail2ban.filter         [1]: INFO      encoding: UTF-8
2022-06-24 22:24:10,247 fail2ban.filter         [1]: INFO    Added logfile: '/vaultwarden/vaultwarden.log' (pos = 0, hash = 9e3a9fc262e7db3b3cb03447279d8f767891486a)
2022-06-24 22:24:10,248 fail2ban.jail           [1]: INFO    Creating new jail 'vaultwarden'
2022-06-24 22:24:10,248 fail2ban.jail           [1]: INFO    Jail 'vaultwarden' uses pyinotify {}
2022-06-24 22:24:10,220 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend
2022-06-24 22:24:10,223 fail2ban.filter         [1]: INFO      maxRetry: 2
2022-06-24 22:24:10,223 fail2ban.filter         [1]: INFO      findtime: 86400
2022-06-24 22:24:10,223 fail2ban.actions        [1]: INFO      banTime: 2292000
2022-06-24 22:24:10,224 fail2ban.filter         [1]: INFO      encoding: UTF-8
2022-06-24 22:24:10,224 fail2ban.filter         [1]: INFO    Added logfile: '/vaultwarden/vaultwarden.log' (pos = 0, hash = 9e3a9fc262e7db3b3cb03447279d8f767891486a)
2022-06-24 22:24:10,261 fail2ban.jail           [1]: INFO    Jail 'vaultwarden-admin' started
2022-06-24 22:24:10,264 fail2ban.jail           [1]: INFO    Jail 'vaultwarden' started
2022-06-24 22:24:10,320 fail2ban.utils          [1]: ERROR   7fdbd2918b90 -- exec: printf %b "Subject: [Fail2Ban] vaultwarden-admin: started on Synology
Date: `LC_ALL=C date +"%a, %d %h %Y %T %z"`
From: Fail2Ban <example@protonmail.com>
To: ExampleGoesHere@protonmail.com\n
Hi,\n
The jail vaultwarden-admin has been started successfully.\n
Regards,\n
Fail2Ban" | /usr/sbin/sendmail -f "example@protonmail.com" "ExampleGoesHere@protonmail.com"
2022-06-24 22:24:10,321 fail2ban.utils          [1]: ERROR   7fdbd2918b90 -- stderr: 'sendmail: Authorization failed (424 4.7.0 Invalid username or password)'
2022-06-24 22:24:10,321 fail2ban.utils          [1]: ERROR   7fdbd2918b90 -- returned 1
2022-06-24 22:24:10,321 fail2ban.actions        [1]: ERROR   Failed to start jail 'vaultwarden-admin' action 'sendmail-whois-lines': Error starting action Jail('vaultwarden-admin')/sendmail-whois-lines: 'ScrIPt error'
2022-06-24 22:24:10,336 fail2ban.utils          [1]: ERROR   7fdbd2919b20 -- exec: printf %b "Subject: [Fail2Ban] vaultwarden: started on Synology
Date: `LC_ALL=C date +"%a, %d %h %Y %T %z"`
From: Fail2Ban <example@protonmail.com>
To: ExampleGoesHere@protonmail.com\n
Hi,\n
The jail vaultwarden has been started successfully.\n
Regards,\n
Fail2Ban" | /usr/sbin/sendmail -f "example@protonmail.com" "ExampleGoesHere@protonmail.com"
2022-06-24 22:24:10,336 fail2ban.utils          [1]: ERROR   7fdbd2919b20 -- stderr: 'sendmail: Authorization failed (424 4.7.0 Invalid username or password)'
2022-06-24 22:24:10,336 fail2ban.utils          [1]: ERROR   7fdbd2919b20 -- returned 1
2022-06-24 22:24:10,337 fail2ban.actions        [1]: ERROR   Failed to start jail 'vaultwarden' action 'sendmail-whois-lines': Error starting action Jail('vaultwarden')/sendmail-whois-lines: 'ScrIPt error'
2022-06-24 22:22:08,271 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:08
2022-06-24 22:22:12,368 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:12
2022-06-24 22:22:12,097 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:12
2022-06-24 22:22:17,802 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:17
2022-06-24 22:22:20,206 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:20
2022-06-24 22:22:20,608 fail2ban.actions        [1]: NOTICE  [vaultwarden] Ban IP
2022-06-24 22:22:21,128 fail2ban.utils          [1]: ERROR   7fdbd4bf3fd0 -- exec: ( printf %b "Subject: [Fail2Ban] vaultwarden: banned IP from Synology
Date: `LC_ALL=C date +"%a, %d %h %Y %T %z"`
From: Fail2Ban <example@protonmail.com>
To: ExampleGoesHere@protonmail.com\n
Hi,\n
The IP IP has just been banned by Fail2Ban after
2 attempts against vaultwarden.\n\n
Here is more information about IP :\n"
whois IP || echo "missing whois program";
printf %b "\nLines containing failures of IP (max 1000)\n";
logpath="/vaultwarden/vaultwarden.log"; grep -m 1000 -wF "IP" $logpath | tail -n 1000;
printf %b "\n
Regards,\n
Fail2Ban" ) | /usr/sbin/sendmail -f "example@protonmail.com" "ExampleGoesHere@protonmail.com"
2022-06-24 22:22:21,128 fail2ban.utils          [1]: ERROR   7fdbd4bf3fd0 -- stderr: 'sendmail: Authorization failed (424 4.7.0 Invalid username or password)'
2022-06-24 22:22:21,128 fail2ban.utils          [1]: ERROR   7fdbd4bf3fd0 -- returned 1
2022-06-24 22:22:21,128 fail2ban.actions        [1]: ERROR   Failed to execute ban jail 'vaultwarden' action 'sendmail-whois-lines' info 'ActionInfo({'IP': 'IP', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7fdbd2303f70>, 'failures': 2, 'F-*': {'matches': [('[', '2022-06-24 22:22:08.269', '][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.'), '[2022-06-24 22:22:12.366][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.', '[2022-06-24 22:22:12.096][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.', '[2022-06-24 22:22:17.296][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.', '[2022-06-24 22:22:20.192][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.'], 'failures': 2, 'IP4': 'IP'}, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7fdbd22fd670>})': Error banning IP
2022-06-24 22:22:24,663 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:24
2022-06-24 22:22:28,277 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:28
2022-06-24 22:22:28,747 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:28
2022-06-24 22:22:32,624 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:32
2022-06-24 22:22:32,329 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:34
2022-06-24 22:22:32,744 fail2ban.actions        [1]: NOTICE  [vaultwarden] IP already banned
2022-06-24 22:26:27,619 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:26:27
2022-06-24 22:28:20,046 fail2ban.server         [1]: INFO    Shutdown in progress...
2022-06-24 22:28:20,046 fail2ban.observer       [1]: INFO    Observer stop ... try to end queue 2 seconds
2022-06-24 22:28:20,067 fail2ban.observer       [1]: INFO    Observer stopped, 0 events remaining.
2022-06-24 22:28:20,107 fail2ban.server         [1]: INFO    Stopping all jails
2022-06-24 22:28:20,108 fail2ban.filter         [1]: INFO    Removed logfile: '/vaultwarden/vaultwarden.log'
2022-06-24 22:28:20,109 fail2ban.filter         [1]: INFO    Removed logfile: '/vaultwarden/vaultwarden.log'
2022-06-24 22:28:20,162 fail2ban.actions        [1]: NOTICE  [vaultwarden] Flush ticket(s) with IPtables-multIPort
2022-06-24 22:28:20,181 fail2ban.actions        [1]: NOTICE  [vaultwarden] Unban IP
2022-06-24 22:28:20,612 fail2ban.actions        [1]: NOTICE  [vaultwarden-admin] Flush ticket(s) with IPtables-multIPort
2022-06-24 22:28:20,710 fail2ban.jail           [1]: INFO    Jail 'vaultwarden-admin' stopped
2022-06-24 22:28:20,712 fail2ban.jail           [1]: INFO    Jail 'vaultwarden' stopped
2022-06-24 22:28:20,712 fail2ban.database       [1]: INFO    Connection to database closed.
2022-06-24 22:28:20,713 fail2ban.server         [1]: INFO    Exiting Fail2ban
2022-06-24 23:02:10,971 fail2ban.server         [1]: INFO    --------------------------------------------------
2022-06-24 23:02:10,971 fail2ban.server         [1]: INFO    Starting Fail2ban v0.11.2
2022-06-24 23:02:10,972 fail2ban.observer       [1]: INFO    Observer start...
2022-06-24 23:02:10,981 fail2ban.database       [1]: INFO    Connected to fail2ban persistent database '/data/db/fail2ban.sqlite3'
2022-06-24 23:02:10,982 fail2ban.jail           [1]: INFO    Creating new jail 'vaultwarden-admin'
2022-06-24 23:02:10,992 fail2ban.jail           [1]: INFO    Jail 'vaultwarden-admin' uses pyinotify {}
2022-06-24 23:02:10,996 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend
2022-06-24 23:02:11,003 fail2ban.filter         [1]: INFO      maxRetry: 2
2022-06-24 23:02:11,004 fail2ban.filter         [1]: INFO      findtime: 86400
2022-06-24 23:02:11,004 fail2ban.actions        [1]: INFO      banTime: 2292000
2022-06-24 23:02:11,004 fail2ban.filter         [1]: INFO      encoding: UTF-8
2022-06-24 23:02:11,004 fail2ban.filter         [1]: INFO    Added logfile: '/vaultwarden/vaultwarden.log' (pos = 2836, hash = 9e3a9fc262e7db3b3cb03447279d8f767891486a)
2022-06-24 23:02:11,002 fail2ban.jail           [1]: INFO    Creating new jail 'vaultwarden'
2022-06-24 23:02:11,006 fail2ban.jail           [1]: INFO    Jail 'vaultwarden' uses pyinotify {}
2022-06-24 23:02:11,006 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend
2022-06-24 23:02:11,008 fail2ban.filter         [1]: INFO      maxRetry: 2
2022-06-24 23:02:11,009 fail2ban.filter         [1]: INFO      findtime: 86400
2022-06-24 23:02:11,009 fail2ban.actions        [1]: INFO      banTime: 2292000
2022-06-24 23:02:11,009 fail2ban.filter         [1]: INFO      encoding: UTF-8
2022-06-24 23:02:11,009 fail2ban.filter         [1]: INFO    Added logfile: '/vaultwarden/vaultwarden.log' (pos = 2836, hash = 9e3a9fc262e7db3b3cb03447279d8f767891486a)
2022-06-24 23:02:11,012 fail2ban.jail           [1]: INFO    Jail 'vaultwarden-admin' started
2022-06-24 23:02:11,038 fail2ban.jail           [1]: INFO    Jail 'vaultwarden' started
2022-06-24 23:02:11,020 fail2ban.utils          [1]: ERROR   7f9cf72dad30 -- exec: printf %b "Subject: [Fail2Ban] vaultwarden-admin: started on Synology
Date: `LC_ALL=C date +"%a, %d %h %Y %T %z"`
From: Fail2Ban <example@protonmail.com>
To: ExampleGoesHere@protonmail.com\n
Hi,\n
The jail vaultwarden-admin has been started successfully.\n
Regards,\n
Fail2Ban" | /usr/sbin/sendmail -f "example@protonmail.com" "ExampleGoesHere@protonmail.com"
2022-06-24 23:02:11,020 fail2ban.utils          [1]: ERROR   7f9cf72dad30 -- stderr: 'sendmail: Authorization failed (424 4.7.0 Invalid username or password)'
2022-06-24 23:02:11,020 fail2ban.utils          [1]: ERROR   7f9cf72dad30 -- returned 1
2022-06-24 23:02:11,021 fail2ban.actions        [1]: ERROR   Failed to start jail 'vaultwarden-admin' action 'sendmail-whois-lines': Error starting action Jail('vaultwarden-admin')/sendmail-whois-lines: 'ScrIPt error'
2022-06-24 23:02:11,061 fail2ban.utils          [1]: ERROR   7f9cf72dbb20 -- exec: printf %b "Subject: [Fail2Ban] vaultwarden: started on Synology
Date: `LC_ALL=C date +"%a, %d %h %Y %T %z"`
From: Fail2Ban <example@protonmail.com>
To: ExampleGoesHere@protonmail.com\n
Hi,\n
The jail vaultwarden has been started successfully.\n
Regards,\n
Fail2Ban" | /usr/sbin/sendmail -f "example@protonmail.com" "ExampleGoesHere@protonmail.com"
2022-06-24 23:02:11,061 fail2ban.utils          [1]: ERROR   7f9cf72dbb20 -- stderr: 'sendmail: Authorization failed (424 4.7.0 Invalid username or password)'
2022-06-24 23:02:11,061 fail2ban.utils          [1]: ERROR   7f9cf72dbb20 -- returned 1
2022-06-24 23:02:11,062 fail2ban.actions        [1]: ERROR   Failed to start jail 'vaultwarden' action 'sendmail-whois-lines': Error starting action Jail('vaultwarden')/sendmail-whois-lines: 'ScrIPt error'
2022-06-24 23:02:11,062 fail2ban.actions        [1]: NOTICE  [vaultwarden] Restore Ban IP
2022-06-24 23:04:47,929 fail2ban.server         [1]: INFO    Shutdown in progress...
2022-06-24 23:04:47,930 fail2ban.observer       [1]: INFO    Observer stop ... try to end queue 2 seconds
2022-06-24 23:04:47,920 fail2ban.observer       [1]: INFO    Observer stopped, 0 events remaining.
2022-06-24 23:04:47,991 fail2ban.server         [1]: INFO    Stopping all jails
2022-06-24 23:04:47,992 fail2ban.filter         [1]: INFO    Removed logfile: '/vaultwarden/vaultwarden.log'
2022-06-24 23:04:47,992 fail2ban.filter         [1]: INFO    Removed logfile: '/vaultwarden/vaultwarden.log'
2022-06-24 23:04:48,422 fail2ban.actions        [1]: NOTICE  [vaultwarden-admin] Flush ticket(s) with IPtables-multIPort
2022-06-24 23:04:48,422 fail2ban.jail           [1]: INFO    Jail 'vaultwarden-admin' stopped
2022-06-24 23:04:48,489 fail2ban.actions        [1]: NOTICE  [vaultwarden] Flush ticket(s) with IPtables-multIPort
2022-06-24 23:04:48,206 fail2ban.actions        [1]: NOTICE  [vaultwarden] Unban IP
2022-06-24 23:04:48,244 fail2ban.jail           [1]: INFO    Jail 'vaultwarden' stopped
2022-06-24 23:04:48,244 fail2ban.database       [1]: INFO    Connection to database closed.
2022-06-24 23:04:48,242 fail2ban.server         [1]: INFO    Exiting Fail2ban
2022-06-24 23:02:00,182 fail2ban.server         [1]: INFO    --------------------------------------------------
2022-06-24 23:02:00,182 fail2ban.server         [1]: INFO    Starting Fail2ban v0.11.2
2022-06-24 23:02:00,183 fail2ban.observer       [1]: INFO    Observer start...
2022-06-24 23:02:00,192 fail2ban.database       [1]: INFO    Connected to fail2ban persistent database '/data/db/fail2ban.sqlite3'
2022-06-24 23:02:00,196 fail2ban.database       [1]: WARNING New database created. Version '4'
2022-06-24 23:02:00,197 fail2ban.jail           [1]: INFO    Creating new jail 'vaultwarden-admin'
2022-06-24 23:02:00,210 fail2ban.jail           [1]: INFO    Jail 'vaultwarden-admin' uses pyinotify {}
2022-06-24 23:02:00,211 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend
2022-06-24 23:02:00,218 fail2ban.filter         [1]: INFO      maxRetry: 2
2022-06-24 23:02:00,218 fail2ban.filter         [1]: INFO      findtime: 86400
2022-06-24 23:02:00,218 fail2ban.actions        [1]: INFO      banTime: 2292000
2022-06-24 23:02:00,219 fail2ban.filter         [1]: INFO      encoding: UTF-8
2022-06-24 23:02:00,219 fail2ban.filter         [1]: INFO    Added logfile: '/vaultwarden/vaultwarden.log' (pos = 0, hash = 9e3a9fc262e7db3b3cb03447279d8f767891486a)
2022-06-24 23:02:00,220 fail2ban.jail           [1]: INFO    Creating new jail 'vaultwarden'
2022-06-24 23:02:00,220 fail2ban.jail           [1]: INFO    Jail 'vaultwarden' uses pyinotify {}
2022-06-24 23:02:00,221 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend
2022-06-24 23:02:00,223 fail2ban.filter         [1]: INFO      maxRetry: 2
2022-06-24 23:02:00,223 fail2ban.filter         [1]: INFO      findtime: 86400
2022-06-24 23:02:00,223 fail2ban.actions        [1]: INFO      banTime: 2292000
2022-06-24 23:02:00,224 fail2ban.filter         [1]: INFO      encoding: UTF-8
2022-06-24 23:02:00,224 fail2ban.filter         [1]: INFO    Added logfile: '/vaultwarden/vaultwarden.log' (pos = 0, hash = 9e3a9fc262e7db3b3cb03447279d8f767891486a)
2022-06-24 23:02:00,232 fail2ban.jail           [1]: INFO    Jail 'vaultwarden-admin' started
2022-06-24 23:02:00,232 fail2ban.jail           [1]: INFO    Jail 'vaultwarden' started
2022-06-24 23:02:00,303 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:08
2022-06-24 23:02:00,302 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:12
2022-06-24 23:02:00,302 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:12
2022-06-24 23:02:00,306 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:17
2022-06-24 23:02:00,307 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:20
2022-06-24 23:02:00,307 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:24
2022-06-24 23:02:00,308 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:28
2022-06-24 23:02:00,308 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:28
2022-06-24 23:02:00,309 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:32
2022-06-24 23:02:00,309 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:22:34
2022-06-24 23:02:00,310 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 22:26:27
2022-06-24 23:02:00,316 fail2ban.utils          [1]: ERROR   7fea9a2e61d0 -- exec: printf %b "Subject: [Fail2Ban] vaultwarden-admin: started on Synology
Date: `LC_ALL=C date +"%a, %d %h %Y %T %z"`
From: Fail2Ban <example@protonmail.com>
To: ExampleGoesHere@protonmail.com\n
Hi,\n
The jail vaultwarden-admin has been started successfully.\n
Regards,\n
Fail2Ban" | /usr/sbin/sendmail -f "example@protonmail.com" "ExampleGoesHere@protonmail.com"
2022-06-24 23:02:00,317 fail2ban.utils          [1]: ERROR   7fea9a2e61d0 -- stderr: 'sendmail: Authorization failed (424 4.7.0 Invalid username or password)'
2022-06-24 23:02:00,317 fail2ban.utils          [1]: ERROR   7fea9a2e61d0 -- returned 1
2022-06-24 23:02:00,317 fail2ban.actions        [1]: ERROR   Failed to start jail 'vaultwarden-admin' action 'sendmail-whois-lines': Error starting action Jail('vaultwarden-admin')/sendmail-whois-lines: 'ScrIPt error'
2022-06-24 23:02:00,327 fail2ban.utils          [1]: ERROR   7fea9b818b20 -- exec: printf %b "Subject: [Fail2Ban] vaultwarden: started on Synology
Date: `LC_ALL=C date +"%a, %d %h %Y %T %z"`
From: Fail2Ban <example@protonmail.com>
To: ExampleGoesHere@protonmail.com\n
Hi,\n
The jail vaultwarden has been started successfully.\n
Regards,\n
Fail2Ban" | /usr/sbin/sendmail -f "example@protonmail.com" "ExampleGoesHere@protonmail.com"
2022-06-24 23:02:00,327 fail2ban.utils          [1]: ERROR   7fea9b818b20 -- stderr: 'sendmail: Authorization failed (424 4.7.0 Invalid username or password)'
2022-06-24 23:02:00,327 fail2ban.utils          [1]: ERROR   7fea9b818b20 -- returned 1
2022-06-24 23:02:00,327 fail2ban.actions        [1]: ERROR   Failed to start jail 'vaultwarden' action 'sendmail-whois-lines': Error starting action Jail('vaultwarden')/sendmail-whois-lines: 'ScrIPt error'
2022-06-24 23:02:00,328 fail2ban.actions        [1]: NOTICE  [vaultwarden] Ban IP
2022-06-24 23:02:00,288 fail2ban.utils          [1]: ERROR   7fea9aaf1fd0 -- exec: ( printf %b "Subject: [Fail2Ban] vaultwarden: banned IP from Synology
Date: `LC_ALL=C date +"%a, %d %h %Y %T %z"`
From: Fail2Ban <example@protonmail.com>
To: ExampleGoesHere@protonmail.com\n
Hi,\n
The IP IP has just been banned by Fail2Ban after
2 attempts against vaultwarden.\n\n
Here is more information about IP :\n"
whois IP || echo "missing whois program";
printf %b "\nLines containing failures of IP (max 1000)\n";
logpath="/vaultwarden/vaultwarden.log"; grep -m 1000 -wF "IP" $logpath | tail -n 1000;
printf %b "\n
Regards,\n
Fail2Ban" ) | /usr/sbin/sendmail -f "example@protonmail.com" "ExampleGoesHere@protonmail.com"
2022-06-24 23:02:00,288 fail2ban.utils          [1]: ERROR   7fea9aaf1fd0 -- stderr: 'sendmail: Authorization failed (424 4.7.0 Invalid username or password)'
2022-06-24 23:02:00,288 fail2ban.utils          [1]: ERROR   7fea9aaf1fd0 -- returned 1
2022-06-24 23:02:00,289 fail2ban.actions        [1]: ERROR   Failed to execute ban jail 'vaultwarden' action 'sendmail-whois-lines' info 'ActionInfo({'IP': 'IP', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7fea9b201f70>, 'failures': 2, 'F-*': {'matches': [('[', '2022-06-24 22:22:08.269', '][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.'), '[2022-06-24 22:22:12.366][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.', '[2022-06-24 22:22:12.096][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.', '[2022-06-24 22:22:17.296][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.', '[2022-06-24 22:22:20.192][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.'], 'failures': 2, 'IP4': 'IP'}, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7fea9b1fb670>})': Error banning IP
2022-06-24 23:02:00,289 fail2ban.actions        [1]: NOTICE  [vaultwarden] IP already banned
2022-06-24 23:06:44,418 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 23:06:44
2022-06-24 23:06:49,200 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 23:06:49
2022-06-24 23:06:22,471 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 23:06:22
2022-06-24 23:07:07,016 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 23:07:07
2022-06-24 23:07:10,921 fail2ban.filter         [1]: INFO    [vaultwarden] Found IP - 2022-06-24 23:07:10
2022-06-24 23:07:10,934 fail2ban.actions        [1]: NOTICE  [vaultwarden] Ban IP
2022-06-24 23:07:12,164 fail2ban.utils          [1]: ERROR   7fea9aaf1fe0 -- exec: ( printf %b "Subject: [Fail2Ban] vaultwarden: banned IP from Synology
Date: `LC_ALL=C date +"%a, %d %h %Y %T %z"`
From: Fail2Ban <example@protonmail.com>
To: ExampleGoesHere@protonmail.com\n
Hi,\n
The IP IP has just been banned by Fail2Ban after
2 attempts against vaultwarden.\n\n
Here is more information about IP :\n"
whois IP || echo "missing whois program";
printf %b "\nLines containing failures of IP (max 1000)\n";
logpath="/vaultwarden/vaultwarden.log"; grep -m 1000 -wF "IP" $logpath | tail -n 1000;
printf %b "\n
Regards,\n
Fail2Ban" ) | /usr/sbin/sendmail -f "example@protonmail.com" "ExampleGoesHere@protonmail.com"
2022-06-24 23:07:12,162 fail2ban.utils          [1]: ERROR   7fea9aaf1fe0 -- stderr: 'sendmail: Authorization failed (424 4.7.0 Invalid username or password)'
2022-06-24 23:07:12,162 fail2ban.utils          [1]: ERROR   7fea9aaf1fe0 -- returned 1
2022-06-24 23:07:12,162 fail2ban.actions        [1]: ERROR   Failed to execute ban jail 'vaultwarden' action 'sendmail-whois-lines' info 'ActionInfo({'IP': 'IP', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7fea9b201f70>, 'failures': 2, 'F-*': {'matches': [('[', '2022-06-24 23:06:44.221', '][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.'), '[2022-06-24 23:06:49.498][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.', '[2022-06-24 23:06:22.469][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.', '[2022-06-24 23:07:07.014][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.', '[2022-06-24 23:07:10.734][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: IP. Username: example@protonmail.com.'], 'failures': 2, 'IP4': 'IP'}, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7fea9b1fb670>})': Error banning IP
2022-06-24 23:29:38,487 fail2ban.server         [1]: INFO    Shutdown in progress...
2022-06-24 23:29:38,487 fail2ban.observer       [1]: INFO    Observer stop ... try to end queue 2 seconds
2022-06-24 23:29:38,208 fail2ban.observer       [1]: INFO    Observer stopped, 0 events remaining.
2022-06-24 23:29:38,248 fail2ban.server         [1]: INFO    Stopping all jails
2022-06-24 23:29:38,222 fail2ban.filter         [1]: INFO    Removed logfile: '/vaultwarden/vaultwarden.log'
2022-06-24 23:29:38,222 fail2ban.filter         [1]: INFO    Removed logfile: '/vaultwarden/vaultwarden.log'
2022-06-24 23:29:38,792 fail2ban.actions        [1]: NOTICE  [vaultwarden] Flush ticket(s) with IPtables-multIPort
2022-06-24 23:29:38,817 fail2ban.actions        [1]: NOTICE  [vaultwarden] Unban IP
2022-06-24 23:29:38,817 fail2ban.actions        [1]: NOTICE  [vaultwarden] Unban IP
2022-06-24 23:29:39,124 fail2ban.actions        [1]: NOTICE  [vaultwarden-admin] Flush ticket(s) with IPtables-multIPort
2022-06-24 23:29:39,123 fail2ban.jail           [1]: INFO    Jail 'vaultwarden-admin' stopped
2022-06-24 23:29:39,124 fail2ban.jail           [1]: INFO    Jail 'vaultwarden' stopped
2022-06-24 23:29:39,124 fail2ban.database       [1]: INFO    Connection to database closed.
2022-06-24 23:29:39,122 fail2ban.server         [1]: INFO    Exiting Fail2ban
2022-06-24 23:31:02,186 fail2ban.server         [1]: INFO    --------------------------------------------------
2022-06-24 23:31:02,186 fail2ban.server         [1]: INFO    Starting Fail2ban v0.11.2
2022-06-24 23:31:02,187 fail2ban.observer       [1]: INFO    Observer start...
2022-06-24 23:31:02,201 fail2ban.database       [1]: INFO    Connected to fail2ban persistent database '/data/db/fail2ban.sqlite3'
2022-06-24 23:31:02,203 fail2ban.jail           [1]: INFO    Creating new jail 'vaultwarden-admin'
2022-06-24 23:31:02,217 fail2ban.jail           [1]: INFO    Jail 'vaultwarden-admin' uses pyinotify {}
2022-06-24 23:31:02,219 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend
2022-06-24 23:31:02,228 fail2ban.filter         [1]: INFO      maxRetry: 2
2022-06-24 23:31:02,228 fail2ban.filter         [1]: INFO      findtime: 86400
2022-06-24 23:31:02,228 fail2ban.actions        [1]: INFO      banTime: 2292000
2022-06-24 23:31:02,229 fail2ban.filter         [1]: INFO      encoding: UTF-8
2022-06-24 23:31:02,229 fail2ban.filter         [1]: INFO    Added logfile: '/vaultwarden/vaultwarden.log' (pos = 3661, hash = 9e3a9fc262e7db3b3cb03447279d8f767891486a)
2022-06-24 23:31:02,230 fail2ban.jail           [1]: INFO    Creating new jail 'vaultwarden'
2022-06-24 23:31:02,230 fail2ban.jail           [1]: INFO    Jail 'vaultwarden' uses pyinotify {}
2022-06-24 23:31:02,232 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend
2022-06-24 23:31:02,234 fail2ban.filter         [1]: INFO      maxRetry: 2
2022-06-24 23:31:02,234 fail2ban.filter         [1]: INFO      findtime: 86400
2022-06-24 23:31:02,232 fail2ban.actions        [1]: INFO      banTime: 2292000
2022-06-24 23:31:02,232 fail2ban.filter         [1]: INFO      encoding: UTF-8
2022-06-24 23:31:02,232 fail2ban.filter         [1]: INFO    Added logfile: '/vaultwarden/vaultwarden.log' (pos = 3661, hash = 9e3a9fc262e7db3b3cb03447279d8f767891486a)
2022-06-24 23:31:02,238 fail2ban.jail           [1]: INFO    Jail 'vaultwarden-admin' started
2022-06-24 23:31:02,343 fail2ban.jail           [1]: INFO    Jail 'vaultwarden' started
2022-06-24 23:31:02,368 fail2ban.utils          [1]: ERROR   7f36261ce6b0 -- exec: printf %b "Subject: [Fail2Ban] vaultwarden-admin: started on Synology
Date: `LC_ALL=C date +"%a, %d %h %Y %T %z"`
From: Fail2Ban <example@protonmail.com>
To: ExampleGoesHere@protonmail.com\n
Hi,\n
The jail vaultwarden-admin has been started successfully.\n
Regards,\n
Fail2Ban" | /usr/sbin/sendmail -f "example@protonmail.com" "ExampleGoesHere@protonmail.com"
2022-06-24 23:31:02,369 fail2ban.utils          [1]: ERROR   7f36261ce6b0 -- stderr: 'sendmail: Authorization failed (424 4.7.0 Invalid username or password)'
2022-06-24 23:31:02,369 fail2ban.utils          [1]: ERROR   7f36261ce6b0 -- returned 1
2022-06-24 23:31:02,369 fail2ban.actions        [1]: ERROR   Failed to start jail 'vaultwarden-admin' action 'sendmail-whois-lines': Error starting action Jail('vaultwarden-admin')/sendmail-whois-lines: 'ScrIPt error'
2022-06-24 23:31:02,382 fail2ban.utils          [1]: ERROR   7f3622e27cb0 -- exec: printf %b "Subject: [Fail2Ban] vaultwarden: started on Synology
Date: `LC_ALL=C date +"%a, %d %h %Y %T %z"`
From: Fail2Ban <example@protonmail.com>
To: ExampleGoesHere@protonmail.com\n
Hi,\n
The jail vaultwarden has been started successfully.\n
Regards,\n
Fail2Ban" | /usr/sbin/sendmail -f "example@protonmail.com" "ExampleGoesHere@protonmail.com"
2022-06-24 23:31:02,382 fail2ban.utils          [1]: ERROR   7f3622e27cb0 -- stderr: 'sendmail: Authorization failed (424 4.7.0 Invalid username or password)'
2022-06-24 23:31:02,382 fail2ban.utils          [1]: ERROR   7f3622e27cb0 -- returned 1
2022-06-24 23:31:02,382 fail2ban.actions        [1]: ERROR   Failed to start jail 'vaultwarden' action 'sendmail-whois-lines': Error starting action Jail('vaultwarden')/sendmail-whois-lines: 'ScrIPt error'
2022-06-24 23:31:02,386 fail2ban.actions        [1]: NOTICE  [vaultwarden] Restore Ban IP
2022-06-24 23:31:02,422 fail2ban.actions        [1]: NOTICE  [vaultwarden] Restore Ban IP

Logs of my SMTP Server

> 220 localhost ESMTP Service Ready
EHLO fail2ban
250-Hello fail2ban
250-PIPELINING
250-8BITMIME
250-ENHANCEDSTATUSCODES
250-CHUNKING
250-AUTH PLAIN LOGIN
250 SIZE
AUTH LOGIN
334 VXNlcm5hbWU6
[REDACTED]
334 UGFzc3dvcmQ6
[REDACTED]
454 4.7.0 Invalid username or password
@crazy-max
Copy link
Owner

It might be related to https://superuser.com/a/1174535/501947. I will check to switch to msmtp.

@crazy-max crazy-max linked a pull request May 9, 2024 that will close this issue
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

drop ssmtp support and switch to sidecar container with msmtpd crazy-max/docker-fail2ban
2 participants
@crazy-max @sebas05000