stop Process mail alerts

[dushyant]

Hi,

i am getting many email from CSF which I have installed on my server which are of

suspicious process is running under Avahi some times some other daemons

how can I stop such emails?

I have disabled LF_PERMBLOCK_ALERT but it stopped login and login failure mails.

i want to stop process mails only.

Thanks

[Sergio]

Please, show the execute and command lines from the email to know what suspicious processes are them.
You don't need to copy the complete email, just the first 10 lines from it.

[dushyant]

Time: Wed Aug 3 00:00:02 2016 -0500 Account: avahi Resource: Process Time Exceeded: 1366208 > 1800 (seconds) Executable: /usr/sbin/avahi-daemon Command Line: avahi-daemon: running [server.local] PID: 659 (Parent PID:659) Killed: No

above are the only details which I am getting on mail from firewall after every 15-30 mins of interval.

I don't required such mails from firewall.

I am getting mails for server access with authentication and if someone has tried to attack and firewall has blocked those IPs.

[Sergio]

You have 2 choices:
1. Disable AVAHI, you can find about this in google.
2. Set AVAHI in csf.pignore to allow AVAHI processes and you will not receive any more emails about it.

To add AVAHI in csf.pignore, you can add:
user:avahi

[dushyant]

To add AVAHI in csf.pignore, you can add:
user:avahi

This works for me

Thanks Sergio

[Elizine]

The hourly emails are from logcheck which runs from the hourly cron in /etc/cron.hourly/logcheck.sh. If you don't want the reports, simply delete that file. If you'd rather reschedule them to be made one per day, do:

mv /etc/cron.hourly/logcheck.sh /etc/cron.daily/