Suricata+Booting sequence+email notifications

  • Hi everybody,

    Since I activated Suricata on my WAN interface, I no longer receive an email notification when my firewall has completed its startup sequence.

    In the system logs, I see the following entry:
    notify_monitor.php: Can not send message to <email_address>- Error: Can not connect to : [SMTP: Socket connection failed: php_network_getaddresses: getaddrinfo failed: hostname or servname provided, or unknown ( code: -1, answer : )]

    Do you have an idea? Could Suricata be the root cause?

    Many thanks,

    Best regards,

    Mikaël ANDRE

  • I would assume you have configured the notification app to use the email server's name instead of IP address.  If so, it appears from the error message the DNS lookup of the hostname is failing.  That's what you should investigate.

    To see if Suricata is the problem, simply look on the ALERTS tab to see if any alerts are present with the IP address of your DNS server.  Have you tried disabling Suricata to be sure that is actually the cause of the problem?
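
The check suggested in the reply above, as an added example that is not part of the original thread: it filters Suricata EVE JSON events for alerts whose source or destination is one of the firewall's DNS servers. It assumes EVE JSON logging is enabled; the resolver address, rule names and log lines are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample: resolver address and EVE JSON lines are illustrative only.
RESOLVERS = ["203.0.113.53"]
SAMPLE_EVE = [
    '{"timestamp":"2024-01-01T08:00:01+0000","event_type":"alert","src_ip":"203.0.113.53","src_port":53,"dest_ip":"198.51.100.10","dest_port":41822,"proto":"UDP","alert":{"action":"allowed","signature_id":1000001,"signature":"EXAMPLE rule A"}}',
    '{"timestamp":"2024-01-01T08:00:02+0000","event_type":"alert","src_ip":"192.0.2.44","src_port":443,"dest_ip":"198.51.100.10","dest_port":50110,"proto":"TCP","alert":{"action":"allowed","signature_id":1000002,"signature":"EXAMPLE rule B"}}',
    '{"timestamp":"2024-01-01T08:00:03+0000","event_type":"dns","src_ip":"198.51.100.10","dest_ip":"203.0.113.53","proto":"UDP"}',
    '{"timestamp":"2024-01-01T08:00:04+0000","event_type":"alert","src_ip":"198.51.1',
    '{"timestamp":"2024-01-01T08:00:05+0000","event_type":"alert","src_ip":"198.51.100.10","src_port":41900,"dest_ip":"203.0.113.53","dest_port":53,"proto":"UDP","alert":{"action":"blocked","signature_id":1000003,"signature":"EXAMPLE rule C"}}',
]


def _ip(value):
    """Parse an address so textual variants compare equal; None if invalid."""
    try:
        return ipaddress.ip_address(value)
    except (ValueError, TypeError):
        return None


def alerts_for_resolvers(eve_lines, resolver_ips):
    """Return alert events whose source or destination is a DNS server."""
    resolvers = {_ip(r) for r in resolver_ips} - {None}
    hits = []
    for raw in eve_lines:
        try:
            event = json.loads(raw)
        except json.JSONDecodeError:
            continue  # skip blank or truncated lines (rotation, partial write)
        if not isinstance(event, dict) or event.get("event_type") != "alert":
            continue  # only alerts matter here, not dns/flow/stats records
        matched = resolvers & {_ip(event.get("src_ip")), _ip(event.get("dest_ip"))}
        if matched:
            alert = event.get("alert", {})
            hits.append({
                "time": event.get("timestamp"),
                "resolver": ", ".join(sorted(str(m) for m in matched)),
                "sid": alert.get("signature_id"),
                "signature": alert.get("signature"),
                "action": alert.get("action"),
            })
    return hits


if __name__ == "__main__":
    for hit in alerts_for_resolvers(SAMPLE_EVE, RESOLVERS):
        print(hit)
```

Pass it the lines of the interface's EVE JSON log and the DNS servers the firewall is configured to use; any hit names the rule to review before deciding whether Suricata is interfering with the lookup.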

