I am following this how-to to install fail2ban on debian ecth. http://www.howtoforge.com/fail2ban_debian_etch but modified it to work on CentOS. It is working: [root@webserver action.d]# fail2ban-client status ssh Status for the jail: ssh |- filter | |- Currently failed: 0 | `- Total failed: 11 `- action |- Currently banned: 0 | `- IP list: `- Total banned: 3 My question is that there appears to be some type of email configuration that if a user gets banned it sends an email to the attacker. I don't know if i have that working or how that is configured. the file /etc/fail2ban/action.d/mail.conf
Looks ok, but you have actionstart and actionend twice in that file. Comment out one actionstart and one actionend directive.
The two actionstart and actionend was due to me cutting and pasting. I only have one of each. How can i test that the emails are getting sent?