How to add email notifications to Fail2ban

Following up an my other two post about Fail2ban notifications, that you can read here: Adding ban/unban notifications from Fail2Ban to Discord! and here Adding ban/unban notifications from Fail2Ban to Pushover! I recently got email notifications working (Thank you count_confucius) and thought I’d share how to get that working!

Adding the action

[eckosc_status_message title=”Note” icon=”fa-exclamation-circle” type=”info” message=”I am using the linuxserver letsencrypt container in this guide.”]

Go into your /action.d folder and copy and rename sendmail-whois.conf to sendmail-whois.local.
Edit the file and replace the actionban and add the actionunban with the code below:

actionban =   printf %%b "Subject:🕵️ [Fail2Ban] <name>: BANNED IP <ip>! 🔨
              Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"`
              From: <sendername> <<sender>>
              To: <destination>\n
              The jail <name> has banned ip <ip> after <failures> attempts against <name>.\n
              Here is some info about the IP:<ip> \n
              Lines containing IP <ip>: \n
              `grep '<ip>' <logpath>` \n
              Fail2Ban" | /usr/sbin/sendmail -t -v -H 'exec openssl s_client -quiet -tls1 -connect' -au<from> -ap<password> <destination>

actionunban = printf %%b "Subject:🔔 [Fail2Ban] <name>: UNBANNED IP <ip> ✅
              Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"`
              From: <sendername> <<sender>>
              To: <destination>\n
              Fail2ban has unbanned ip<ip> successfully. \n
              Fail2Ban" | /usr/sbin/sendmail -t -v -H 'exec openssl s_client -quiet -tls1 -connect' -au<from> -ap<password> <destination>

NOTE: If you don’t use gmail you need to update the smtp address in the code!

Next save the file and copy and rename the sendmail-common.conf file to sendmail-common.local
We have to edit this file or else we’ll get a lot of errors in the Fail2ban log about failing to send jail startup and shutdown emails.

In the sendmail-common.local file remove everything after actionstart = and actionstop =

If you want emails on start and stop, add the code above and just change the subject and body of the email.


In your jail.local file add the following in the [DEFAULT] section:

action = iptables-allports
          %(action_mw)s[[email protected], password=secretpassword, [email protected], sendername=Fail2Ban]

Let’s break down the mail action.
from = The email account it sends from.
password = The password to the sender account.
destination = Where you want to send the notification.
sendername = Name of the sender.

The action  iptables-allports is needed because if you only have the send mail action it will override the action that updates the iptables! So it won’t ban the IP without it.

If you only want to add the mail notification to a specific jail you can add it to just that specific jail.
On [DEFAULT] it will be default on every jail in jail.local.

Lastly you need to restart fail2ban and try and ban yourself.


The email will look like this:

If you need any extra help join the Discord server!

Allowing mobile apps to work with services using Organizr server auth Optimizing PHP-FPM to get faster load times of tabs in Organizr How to setup GitLab to use Rack Attack and ban abusive IPs and rate limit requests