Bug 552947

Summary: RFE: conform fail2ban example email sending domains to RFC 2606
Product: [Fedora] Fedora Reporter: R P Herrold <herrold>
Component: fail2banAssignee: Axel Thimm <axel.thimm>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: rawhideCC: axel.thimm
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: fail2ban-0.8.4-27.fc14 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-04-18 04:03:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description R P Herrold 2010-01-06 16:02:13 UTC 
Description of problem:

RFC 2026 provides 'guaranteed available' reserved domain names of the form: example,{com|org|...}

Presently two addresses exist and are used that conflict with an actual domain (and thus would cause 'backsplatter' if and when bounced) in the file:


[root@first fail2ban]# grep 'mail.com' * | rev | awk {'print $1'} | rev | sort | uniq

dest=you]
sender=fail2ban]
[root@first fail2ban]# 

'mail.com' seems to be a working domain, and one should properly not cause such load on them:

[herrold@first ~]$ whois mail.com
[Querying whois.verisign-grs.com]
[whois.verisign-grs.com]

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: MAIL.COM
   Registrar: ENOM, INC.
   Whois Server: whois.enom.com
   Referral URL: http://www.enom.com
   Name Server: PDNS1.ULTRADNS.NET
   Name Server: PDNS2.ULTRADNS.NET
   Name Server: PDNS3.ULTRADNS.ORG
   Name Server: PDNS4.ULTRADNS.ORG
   Name Server: PDNS5.ULTRADNS.INFO
   Name Server: PDNS6.ULTRADNS.CO.UK
   Status: clientTransferProhibited
   Updated Date: 14-jul-2008
   Creation Date: 24-mar-1997
   Expiration Date: 25-mar-2010

seemingly managed by AOL:
Registrars.[herrold@first ~]$ dig -t mx  mail.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.1 <<>> -t mx mail.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20086
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 7

;; QUESTION SECTION:
;mail.com.                      IN      MX

;; ANSWER SECTION:
mail.com.               357468  IN      MX      10 mtain-mmc.gmtain-mmc.mx.aol.com.

;; AUTHORITY SECTION:
mail.com.               77357   IN      NS      pdns1.ultradns.net.
mail.com.               77357   IN      NS      pdns2.ultradns.net.
mail.com.               77357   IN      NS      pdns3.ultradns.org.
mail.com.               77357   IN      NS      pdns4.ultradns.org.
mail.com.               77357   IN      NS      pdns5.ultradns.info.
mail.com.               77357   IN      NS      pdns6.ultradns.co.uk.

;; ADDITIONAL SECTION:



Version-Release number of selected component (if applicable):

fail2ban-0.8.1-11

How reproducible:

read with 'grep'

Steps to Reproduce:

as above
  
Actual results:

as above

Expected results:

a s/@mail.com/@example.com/g replacement on that file

Additional info:

The fix is a trivial one on that sample config file, and as a 'good internet citizen' should be applied by Fedora

Please ask if any questions

-- Russ herrold
Comment 1 R P Herrold 2010-01-06 18:14:22 UTC 
report filed upstream with  Cyril Jaquier: lostcontrol users sourceforge net who seems to be the project lead in trying to run down the address to file patches with -- path is easy for the .spec file pending that, being something along the lines of:

sed -i.bak -e 's/@mail.com/@example.com/g' /etc/fail2ban/jail.conf
  

-- Russ herrold
Comment 2 R P Herrold 2010-12-01 15:52:33 UTC 
ping?
Comment 3 Fedora Update System 2011-04-09 19:07:14 UTC 
fail2ban-0.8.4-27.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/fail2ban-0.8.4-27.fc14
Comment 4 Fedora Update System 2011-04-09 19:07:49 UTC 
fail2ban-0.8.4-27.fc13 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/fail2ban-0.8.4-27.fc13
Comment 5 Fedora Update System 2011-04-09 19:08:21 UTC 
fail2ban-0.8.4-27.fc15 has been submitted as an update for Fedora 15.
https://admin.fedoraproject.org/updates/fail2ban-0.8.4-27.fc15
Comment 6 Fedora Update System 2011-04-10 01:44:05 UTC 
Package fail2ban-0.8.4-27.fc15:
* should fix your issue,
* was pushed to the Fedora 15 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing fail2ban-0.8.4-27.fc15'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/fail2ban-0.8.4-27.fc15
then log in and leave karma (feedback).
Comment 7 Fedora Update System 2011-04-18 04:02:46 UTC 
fail2ban-0.8.4-27.fc15 has been pushed to the Fedora 15 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 Fedora Update System 2011-04-25 20:50:31 UTC 
fail2ban-0.8.4-27.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 Fedora Update System 2011-04-25 20:55:13 UTC 
fail2ban-0.8.4-27.fc14 has been pushed to the Fedora 14 stable repository.  If problems still persist, please make note of it in this bug report.