After a fresh Virtualmin/Webmin installation, Fail2Ban wouldn’t start if an email action was set (e.g., action_mw or action_mwl).
systemctl status fail2ban
May 27 15:33:52 host fail2ban-server[11334]: 2020-05-27 15:33:52,868 fail2ban.jailsreader [11334]: ERROR Errors in jail 'proftpd'. Skipping...
May 27 15:33:52 host fail2ban-server[11334]: 2020-05-27 15:33:52,877 fail2ban.jailreader [11334]: ERROR Unable to read action 'sendmail-whois-lines'
May 27 15:33:52 host fail2ban-server[11334]: 2020-05-27 15:33:52,878 fail2ban.jailsreader [11334]: ERROR Errors in jail 'postfix'. Skipping...
May 27 15:33:52 host fail2ban-server[11334]: 2020-05-27 15:33:52,885 fail2ban.jailreader [11334]: ERROR Unable to read action 'sendmail-whois-lines'
May 27 15:33:52 host fail2ban-server[11334]: 2020-05-27 15:33:52,885 fail2ban.jailsreader [11334]: ERROR Errors in jail 'dovecot'. Skipping...
May 27 15:33:52 host fail2ban-server[11334]: 2020-05-27 15:33:52,891 fail2ban.jailreader [11334]: ERROR Unable to read action 'sendmail-whois-lines'
May 27 15:33:52 host fail2ban-server[11334]: 2020-05-27 15:33:52,891 fail2ban.jailsreader [11334]: ERROR Errors in jail 'postfix-sasl'. Skipping...
May 27 15:33:52 host fail2ban-server[11334]: 2020-05-27 15:33:52,901 fail2ban [11334]: ERROR Async configuration of server failed
May 27 15:33:52 host systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/n/a
May 27 15:33:52 host systemd[1]: fail2ban.service: Failed with result 'exit-code'.
To get it running I’d revert back to the default action that skips sending emails (action_).
Long and tedious story shortened, there was a missing component that turned up after lots of searching and installing the EPEL repo.
dnf search fail2ban
yada yada bingo
dnf info fail2ban-sendmail
Name : fail2ban-sendmail
Version : 0.11.1
Release : 6.el8
Architecture : noarch
Size : 12 k
Source : fail2ban-0.11.1-6.el8.src.rpm
Repository : @System
From repo : epel
Summary : Sendmail actions for Fail2Ban
URL : http://fail2ban.sourceforge.net/
License : GPLv2+
Description : This package installs Fail2Ban's sendmail actions. This is the
: default mail actions for Fail2Ban.
Evidently this should have been installed as part of the full source package, not sure why it wasn’t.
After running
dnf install fail2ban-sendmail
Fail2Ban fired up with a mail action set, no errors and the ssh ban notices started streaming in. MTA needs to be set to sendmail in /etc/fail2ban/jail.local.