Hi,
yesterday I enabled syslogserver on tcp and udp port 514 to receive syslogs from Qnap and a switch.
Also I activated the mailnotification for warnings and errors, which is done via outlook.com.
By mistake the first notification was set incl. information, which I corrected.
Afterwards I saw the pfsense logs a all 60 seconds a warning about a duplicate packet.
So I modified the syslog filter NOT to log this messages anymore.
Keeps sending mails
Then i stopped syslog, deleted the messages file and restarted syslog
keeps sending mails
afterwards I rebootet the complete Qnap
keeps sending mails
In the meantime Microsoft blocked the mailsender as over quota (which is expected)
The link itself didn’t help to solve directly, but brought an additional insight.
within the notification queue there is NOT a long list
but when the script “python /usr/local/sbin/notify send2 -A A035 -C C004 -M 18 -l warn -t 2 [{0}] {1} %V001% ServerName:pfsense01;dpinger…” runs there is afterwards ONE notice in the queue and afterwards an entry in the history about the failed (cause over quota) try to send.
As I was unable to find the reason so far, I removed the notificiation smtp account (unfortunatly it’s not possible to disable it, unless adding a second one and reconfigure all notices)
Now I created a new @outlook account to sendout the messages from the Qnap.
As soon as this activates Rule-1 the old syslog messages, which include warning sent in from Pfsense get immediatly tried to get sent out with the new mailaddress (until it get locked)
what is the differenence of “Syslog-Server” in Rule-1 and the Syslog Server at the same level the rules for system notifications?
where does the Rule-1 store the queue to send out the notifications? cause the messages is still tries to send out are not there anymore.
They where listed in syslog/messages, where I deleted the file and setup a syslog-filter to avoid the logging fo the mentioned entries
