Does ArpWatch use the built in IPFire mail service or does it use send mail? Some clarification in the documentation might be helpful.
PZ
It calls the sendmail binary which usually goes to the internal IPFire email system.
1 Like
Hi all,
have tried to get some mails from arpwatch with a configured and working dma . The testmails are delivered successfully but the arpwatch mails endet up with a 550
Sep 22 17:58:20 ipfire dma[4425eb]: new mail from user=root uid=8 envelope_from=<root@ipfire.local>
Sep 22 17:58:20 ipfire dma[4425eb]: mail to=<p.panxxxx@web.de> queued as 4425eb.3879caf0
Sep 22 17:58:20 ipfire dma[4425eb.3879caf0]: <p.panxxxx@web.de> trying delivery
Sep 22 17:58:20 ipfire dma[4425eb.3879caf0]: using smarthost (smtp.web.de:587)
Sep 22 17:58:20 ipfire dma[4425eb.3879caf0]: trying remote delivery to smtp.web.de [213.165.xxx.xxx] pref 0
Sep 22 17:58:20 ipfire dma[4425eb.3879caf0]: Server greeting successfully completed
Sep 22 17:58:20 ipfire dma[4425eb.3879caf0]: Server supports STARTTLS
Sep 22 17:58:20 ipfire dma[4425eb.3879caf0]: SSL initialization successful
Sep 22 17:58:20 ipfire dma[4425eb.3879caf0]: Server greeting successfully completed
Sep 22 17:58:20 ipfire dma[4425eb.3879caf0]: Server does not support STARTTLS
Sep 22 17:58:20 ipfire dma[4425eb.3879caf0]: Server supports LOGIN authentication
Sep 22 17:58:20 ipfire dma[4425eb.3879caf0]: using SMTP authentication for user p.panxxxx
Sep 22 17:58:20 ipfire dma[4425eb.3879caf0]: remote delivery to smtp.web.de [213.165.xxx.xxx] failed after MAIL FROM: 550-Requested action not taken: mailbox unavailable^M 550-Sender address is not allowed.^M 550 1MuFD7-1uD2Fl2RMT-00rYbl
whereby the sender address is not allowed. The sender differs to the mail.conf from dma and uses instead the hostname. All mails from arpwatch ending up in /var/mail/root and lokks like this
From root@ipfire.local Mon Sep 22 18:00:09 2025
Received: from root (uid 0)
(envelope-from root@ipfire.local)
id 4425f0
by ipfire.local (DragonFly Mail Agent v0.14 on ipfire.local);
Sat, 20 Sep 2025 18:32:04 +0200
From: arpwatch
To: root
Subject: new station (Galaxy-Tab-A9-5G.local)
Date: Sat, 20 Sep 2025 18:32:04 +0200
Message-Id: <68ced704.4425f0.7c432240@ipfire.local>
hostname: Galaxy-Tab-A9-5G.local
ip address: 192.168.10.3
ethernet address: 6a:ca:d7:48:f2:3c
ethernet vendor: <unknown>
timestamp: Saturday, September 20, 2025 18:32:04 +0200
. The only way i could find out was to force dma to use the envelop sender address which is configured in the working dma configuration by the usage of āMASQUERADEā Option in dma.conf which looks then like this
$ cat /var/ipfire/dma/dma.conf
MAILNAME ipfire.local
SECURETRANSFER
SPOOLDIR /var/spool/dma
AUTHPATH /var/ipfire/dma/auth.conf
PORT 587
STARTTLS
SMARTHOST smtp.web.de
FULLBOUNCE
MASQUERADE p.panxxxx@web.de
. So DMA overrides the envelope sender for SMTP sending via MASQUERADE the mail went through.
HavenĀ“t find other ways until now, may someone other does ? If dma WUI (mail.cgi) getĀ“s a new configuration, the MASQUERADE line will dissappear, so not a reliable solution but only a workaround.
Best,
Erik
1 Like
Please see thread https://community.ipfire.org/t/arpwatch-installation-failed/15070 to avoid duplication.
A similar problem occurred when testing the āReportsā add-on,
but a small change in the code was enough to fix it.
Regards
1 Like
Sorry @bonnietwin havenĀ“t read through it.