I have just installed tripwire using Ubuntu repos and have gone into the configuration files and changed everything to what I want. When in comes to the options for SMTP mail method and the server and port to use, I am stumped. When I run the test email I get this error message.
/usr/sbin/tripwire --test --email blah@nowhere
Sending a test message to: blah@nowhere
### Error: The SMTP connection could not be established.
### Server: localhost
### Exiting...
Email test failed.
I have made appropriate changes to the firewall. I don't have an smtp server installed. Do I need to? Any other ways I could use without installing an SMTP server due to security issues?
Best Answer
If your hostname on your server is not a FQDN (fully qualified domain name - i.e. myhost vs. myhost.example.com, where the latter is a FQDN) you will probably not be able to send out emails with tripwire. This was the case for me using Ubuntu server.
You can check your hostname with:
And you can change it with:
where MYFQDN is your new FQDN hostname.
After this you should run a tripwire check:
You should see various errors now. Tripwire uses HOSTNAME to name various files. You will need to rename a few.
Finally you will also need to reinitialize your database due to the error:
You can do that with:
And it should now work.
EDIT: Two additional comments...
to permanently change my hostname I had to edit /etc/hostname otherwise your changes will not survive a reboot
you may be able to update your database above (instead of using sudo tripwire -m i) by using:
sudo tripwire -m p