What I would do is the following:
First thing is to copy all action.d/sendmail-*.conf files to action.d/msmtp-*.conf files:
for file in /etc/fail2ban/action.d/sendmail*.conf; do cp "$file" "${file/sendmail/msmtp}"; done
Next step is to change the occurrences of before = sendmail to before = msmtp in the action.d/msmtp-*.conf files:
sed -i 's/before = sendmail/before = msmtp/' /etc/fail2ban/action.d/msmtp-*.conf
This will correct the references to other sendmail configuration files like before = sendmail-common.conf.
Followed by changing all occurrences of sendmail -f <sender> to msmtp in action.d/msmtp-*.conf:
sed -i 's/sendmail -f <sender>/msmtp/p' /etc/fail2ban/action.d/msmtp-*.conf
This will correct the lines where sendmail is called like Fail2Ban | /usr/sbin/sendmail -f <sender> <dest>.
The final step is changing the mta = msmtp in the action.d/jail.conf file.
Then reload fail2ban to test whether these modifications work.
Another thing to keep in mind is the user context of fail2ban with respect to the msmtp configuration. If you have a local msmtprc file configured, it might not be applied when fail2ban tries to run msmtp due to other user context. In that case, configure msmtp with a global configuration, or create a separate configuration for the user that runs fail2ban.
One solution has already occurred to me, but it's...a little hackish imo. Create the following file and run it. It relies on the f2b entries--and no others--all having "f2b" in them, and this script being run rather than iptables-save directly...
~/bin£ cat saveFilteredIptables.sh
#!/usr/bin/zsh
sudo iptables-save | perl -ne 'print if !/f2b/'
~/bin£
Best Answer
See whitelisting on the fail2ban website:
Another reference here: