[Snort-users] Acid Email Alerts

Jon Quiros jq_snort_users at ...6668...
Fri Jun 20 14:04:03 EDT 2003


Brian Gregorcy wrote:
> ya, I toyed with getting alerts to send out when they came in but it never
> worked correctly.  Also, just to get the alerts to send out when you hit the
> button required me to play with sendmail.  I'm a solaris newb so that is
> probably the reason why I never got it to work correctly.
> 
> If anyone knows of a way I would also love to hear it.
> 
> 
> b
> 

it's not a relaying denied thing.  i haven't looked into where acid 
grabs the "from:" field, but on my machine it tries to send mail as 
"www at ...274...".  i added "localhost" to sendmail's relay-domains file 
but no go.

my next step would be to change the "mail" directive in php.ini but i 
don't want to yet because other php stuff on this machine sends mail and 
they work fine.  i just need to find a good time window to try it real 
quick.

i'd try "sendmail -i -f etc..." instead of stock "sendmail" next because 
awhile ago when i searched for this solution i read in the archives that 
for someone "-f pepelopezenacidos at ...9532..." (replace 
"pepelopezenacidos at ...9532..." w/ the "from:" address you want to use) 
worked.

in, short, i'd be interested in seeing what fixes your mail from acid 
problem.





More information about the Snort-users mailing list