Posts Tagged ‘third party’

How to check version of most used mail servers Postfix / Qmail / Exim / Sendmail

Wednesday, October 14th, 2020

How to check version of a Linux host's installed Mail server?

Most used mail servers Postfix / Qmail / Exim / Sendmail and usually you have to do a dpkg -l / rpm -qa or whatever package manager to get the package version. But sometimes the package is built to have a different naming convention from the actual installed MTA.

As recently I had to check on a Linux host what kind of version was the installed and used one to the SMTP, below is how to find conrete versions of Postfix / Qmail / Exim / Sendmail.
If none of the 4 is installed and something more cryptic like ssmtp is installed if another one is installed perhaps the best way would be to check with lsof -i :25 command and see  what process has binded and listens on TCP port 25.




1. How to check Postfix exact mail server version


Once you can find Postfix is the Network listening MTA, you might think you can simply use postfix -v however, but no …
Unlike many other applications, Postfix has no -v or –versions switch. But you can get the version information easily by using the postconf command as shown below:

root@server :~# postconf mail_version


Other approach is to dump all postfix configuration settings (this is useful to get more info on how postfix is configured) and explicitly grep for the version.
 How to check version of a Linux host's installeded webserver?

root@server :~# postconf -d | grep mail_version


2. How to check Exim MTA running version ?

root@exim-mail :/ # exim -bV
Exim version 4.72 #1 built 13-Jul-2010 21:54:55
Copyright (c) University of Cambridge, 1995 – 2007
Berkeley DB: Sleepycat Software: Berkeley DB 4.3.29: (September 19, 2009)
Support for: crypteq iconv() Perl OpenSSL move_frozen_messages Content_Scanning DKIM Old_Demime
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Size of off_t: 8
OpenSSL compile-time version: OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
OpenSSL runtime version: OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
Configuration file is /etc/exim.conf


3. How to check Sendmail Mail Transport Agent exact Mail version ?

Though sendmail is rarely used this days and it usually works mostly on obsolete old scrap hosts
or in some old fashioned conservative organizations such as Banks and Payment services providers, you might need to invertise it, just like the configuration m4 format complexity with its annoying macros, getting the version is also not straight forward:

# sendmail -d0.4 -bv root | grep Version
Version 8.14.4

Above commands should be working on most Linux distributions such as Debian / Ubuntu / Fedora / CentOS / SuSE and other Linux derivatives

4. How to check Qmail MTA version?

This is a bit of complicated question, as Qmail's base has not been significantly changed for years.
The latest published qmail package is qmail-1.03.tar.gz.  1.03 was released in 1998, Qmail is famous for its unbreakable security. The author of qmail  Daniel J. Bernstein is famous for writting Qmail to make the work installation and configuration of SMTP simple as of the time of writting sendmail was the defacto standard and sendmail was hard to configure.
Also sendmail was famous for a set of Security holes that got a lot of Sendmail MTA's on the Net got hacked. Thus the QMAIL was written as a more security-aware mail transport agent.

In contrast to sendmail, qmail has a modular architecture composed of mutually untrusting components; for instance, the SMTP listener component of qmail runs with different credentials from the queue manager or the SMTP sender. qmail was also implemented with a security-aware replacement to the C standard library, and as a result has not been vulnerable to stack and heap overflows, format string attacks, or temporary file race conditions.

The core qmail package has not been updated for many years. New features were initially provided by third party patches, from which the most important at the time were brought together in a single meta-patch set called netqmail.

The current version of netqmail is at 1.06 netqmail-1.06.tar.gz as of year 2020.

One possible way to get some info about installed qmail or components is to use the documentation look up command apropos

qmail:~# apropos qmail

or check the manual or at worst check for the installation source files that the person that installed the qmail used 🙂

A fun fact about qmail few might know is D. Bernstein offered in 1997 a US$500 reward for the first person to publish a verifiable security hole in the latest version of the software, for many years till 2005 no hole was found security researcher Georgi Guninski found an integer overflow in qmail. On 64-bit platforms, in default configurations with sufficient virtual memory, the delivery of huge amounts of data to certain qmail components may allow remote code execution. Bernstein disputes that this is a practical attack, arguing that no real-world deployment of qmail would be susceptible. Configuration of resource limits for qmail components mitigates the vulnerability.

On November 1, 2007, Bernstein raised the reward to US$1000. At a slide presentation the following day, Bernstein stated that there were 4 "known bugs" in the ten-year-old qmail-1.03, none of which were "security holes." He characterized the bug found by Guninski as a "potential overflow of an unchecked counter." "Fortunately, counter growth was limited by memory and thus by configuration, but this was pure luck.

5. Quick way to check the type of Mail server installed on Debian based Linux that doesn't have telnet installed

As you know simple telnet localhost 25 or a simple ps -ef could reveal at most times general information on the installed server. However there is another way to do it using package manager. by using embedded bash shell type type command like so:

# type -p sendmail |
xargs dpkg -S


Another hacky way to check whether exim, postfix or sendmail SMTP is installed is with:

hipo@freak:~$ echo $(man sendmail)| grep "exim"|wc -l
hipo@freak:~$ echo $(man sendmail)| grep "postfix"|wc -l
hipo@freak:~$ echo $(man sendmail)| grep "sendmail"|wc -l

I guess there are nice hacks and ways to get versions, so if you're aware of any please share with me.
Enjoy !

Howto to Unlock Mtel locked Mobile Phone ZTE Blade 3 IMEI 866643012872768 to connect to Telenor and Vivacom mobile networks in Bulgaria

Friday, January 20th, 2017


How to unlock Unlock Mtel locked Mobile Phone ZTE Blade 3 IMEI 866643012872768

Thanks to this little forum after a very thoroughful research on the topic howto unlock my ZTE Blade 3
in Russian / United Stated Google.US and UK Google.Co.Uk I've figured out a number of ways recommended

I've lost some time watching also few videos illustrating howto unlock the phone for other non MTEL mobile operators with

some third party cracker software  which seemed like a good way to infect your PC with spyware for example
Direct Unlock ZTE BLADE 3 & ZTE RACER 3 – YouTube
Unlock ZTE Blade 3, Blade V & Blade Q Mini – YouTube

there are a number of ways and paid software that could do various non-conventional things like unlock the phone for example:
GB Key


Here is description of GB Key

You can Call it UNLIMITED – Direct Unlocker, Code Calculator, Code Reader, is fast, easy to use, encrypted, more than 200 models supported and most of it is it's UNLIMITED use. Updates come on regular basis with addition to new models and features.

Supported Models

More than 500 supported models from mobile phones to modems and growing.

Currently supports around 260 MEPs & more than 9500 PRDs (and growing..) .

FREE & UNLIMITED: Huawei, Huawei Modem, BlackBerry, Alcatel MTK, Alcatel U7, Alcatel Modem, LG, Samsung Swift, Samsung 3G, ZTE Qcom-Android, ZTE MTK, and many many more..

There is also a number of services online that offer remote paid services to Unlock any smart phone remotely by paying with a card and providing the IMEI.
I guess this services either use Android Emulator with manually setting the respective IMEI of the phone and then uses some software (box) as they call it to generate the code using the respective algorithm. etc.


However as I didn't wanted to spend money on something on such non-sense I digged a little bit more and I found out that according to Bulgarian Legislation encoding a sold mobile phone by the mobile operator is already illegal and all mobile operators in Bulgaria (that used some kind of encoding software to prevent a bought phone from them to be used with another mobile operator should provide openly the mobile phone codes freely).

As MTEL had to fit the new wall they made a small online generator Database with Unlock codes for all prior sold mobiles encoded.

I've used the URL (using my website access previosuly freely registered on website in order to track and send free SMS-es in MTEL and check out my mobile phone money balance spent in inbound and inbound calls etc.)

and found out my mobile ZTE according to the imey:

5803701350365278 ZTE Blade III Поставете карта на друг оператор в телефона и директно ще Ви бъде изискан отключващият код.

Just switched on my ZTE Blade 3 phone and inserted the code and got a message it is wrong but immediately I phone able to connect to Telenor (the ex Globul Mobile operator ) Mobile network Voila! 🙂 Hope this helps small article helps someone else too. Enjoy !


Removing exim and installing qmail / Generate and install pseudo mta dummy package on Debian / Ubuntu etc. .deb based Linux

Thursday, March 10th, 2016

If you happen to be installing Qmail Mail server on a Debian or Ubuntu (.deb) based Linux, you will notice by default there will be some kind of MTA (Mail Transport Agent) already installed mail-transfer-agent package will be installed and because of Debian .deb package depedency to have an MTA always installed on the system you will be unable to remove Exim MTA without installing some other MTA (Postix / Qmail) etc.

This will be a problem for those like me who prefer to compile and install Qmail from source, thus to get around this it is necessery to create a dummy package that will trick the deb packaging depencies that actually mta-local MTA package is present on the server.

The way to go here is to use equivs (Circumvent debian package dependencies):

debian:~# apt-cache show equivs|grep -i desc -A 10

Description: Circumvent Debian package dependencies
 This package provides a tool to create trivial Debian packages.
 Typically these packages contain only dependency information, but they
 can also include normal installed files like other packages do.
 One use for this is to create a metapackage: a package whose sole
 purpose is to declare dependencies and conflicts on other packages so
 that these will be automatically installed, upgraded, or removed.
 Another use is to circumvent dependency checking: by letting dpkg
 think a particular package name and version is installed when it

Btw creating a .deb dummy package will be necessery in many other cases when you have to install from some third party debian repositories or some old and alrady unmaintaned deb-src packages for the sake of making some archaic software to resurrect somewhere, so sooner or later even if you're not into Mail servers you will certainly need equivs.

Then install equivs and go on proceeding creating the dummy mail-transport-agent package

debian:~# cd /tmp debian:~# cp -rpf /usr/share/doc/equivs/examples/mail-transport-agent.ctl . debian:~# equivs-build mail-transport-agent.ctl

Above command will build and package /tmp/mta-local_1.0_all.deb dummy package.
So continue and install it with dpkg as you use to install debian packages


debian:~# dpkg -i /tmp/mta-local_1.0_all.deb

From then on you can continue your standard LWQ – Life with Qmail or any other source based qmail installation with:




So that's it now .deb packaging system consistency will be complete so standard security package updates with apt-get and aptitude updates or dpkg -i third party custom software insatlls will not be breaking up any more.

Hope that helped someone 🙂





Cookie Policy

Thursday, October 1st, 2015

This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers

Microsoft Windows most secure OS for 2014 ? – Short OS and Application Security report for 2014

Tuesday, February 24th, 2015


It is shocking news for me and probably to many that according to security specialists at National Vulnerability Database, at present moment for year 2014 Windows looks like more secure than both Apple's (iOS and Mac OS X) as well as to Linux.

Windows has been  bullied for its bad OS design and easier to breach Security compared to Linux, there was a constant hype also of Mac OS users claiming the invulnerability of their BSD based OS, but it seems security breach statistics given by  National Vulnerability Database security breach evaluation reports tell us security issues for 2014 Windows OSes while compared to other OS vulnerabilities in different operating systems such as Linux.

I will have to disappoint Apple Mac fans but in 2014 Mac OS X was found to be riddled with the greatest number of security problems147 in total, including 64 rated as high severity, and 67 as medium.

iOS's security was also ranked poor with 127 vulnerabilities including 32 high and 72 with a medium rating.

For comparison the latest Windows 8.1 had only 36 vulnerabilities, and its predecessors — Windows 8 and 7 — both had same number.
In Enterprise World (users) Windows Server 2007 and 2008 both have 38 vulnerabilities. Reported vulnerabilities were mainly of middle and high severity.


Overall statistics also show there has been a huge increase in the number security vulnerabilities in the NVD security reports database.
In 2013 the number of all logged vulnerabilities were 4,794 while this jumped to 7,038 in y. 2014. The good news is lower percentage of all logged in security issues were rated of critical security importance.
It is mostly third party software not part of OS which contain security issues, 83% of all reported vulnerabilities were laying in 3rd party applications, only 13% percantage were OS specific and 4% hardware related.
Though overall statistics shows Microsoft products more secure than Apple Inc. Products and (Open Source) Linux, though still M$ Internet Explorer is the most insecure web browser, for 2014,  Internet Explorer had  242 vulnerabilities while Google Chrome had 124 security issues and the most secure browser rated for 2014 is (surprising for me) Mozilla Firefox.
It is important to say such statistics are not completely relevant because, for example you can rarely see a Linux desktop user infected with Malware but almost everyone around using Windows OS is malware infected, same goes for Mac OS users, there are plenty of vulnerabilities for Mac but overall security of Mac OS is better as I haven't still met Mac OS users with Viruses and Spyware but I fixed about (30!!) of Microsoft PCs and notebooks infected with various Viruses and badware throughout 2014. Also it should be considered that many securitty bugs are kept secret and actively exploited for a long time by blackhats like it happened recently with Heartbleed and ShellShock vulnerabilities
For those interested, below is a list of top vulnerable applications for 2014


How to install Skype on Nokia n95 8G mobile phone

Saturday, January 5th, 2013


How to install skype on nokia n95 8G java client program

 I was asked if it is possible to install Skype on a Nokia Mobile N95 8G by a relative of a friend I remembered I've earlier installed and used Skype on my Nokia 9300i with some kind of Java Skype client, so I guessed installing Skype on Nokia N95 will be much easier and most likely supported by's available mobile versions.

Further on, I tried downloading from's client mobile download versions and after selecting the model of the Nokia N95 OS which is Symbia, was asked for a mobile number to which Skype will be send via SMS. I've typed in the Mobile number, hoping it will be the usual click on link and authorize Skype download and install on mobile, but instead Skype send me in SMS, just a link to Skype's Mobile download section .

In other words, typing in the phone number and navigating through the URL from the mobile was completely useless. As I ended on the same place where I could manually browse using Nokia embedded Browser ….

Though I did my best to look through all the appearing links in N95's browser I was just redirected to either the same or similar page with  Skype Download button. After getting pissed off of looking and not finding any usable Symbian Skype app install binary (.SIS or SISX), I've decided to just look in Google. If some third party website is not storing  .SISX Skype bin for Nokia N95.  After few minutes of search I've found one offering an Archive with 3 versions of Skype. 2 of the .sisx files
, were versions of Skype which I've installed using Nokia Mobile Suite for Windows. Two of the .sisx files in archive Symbian Mobile Skype ver. 1.5 and Symbian Mobile Skype ver 5 did not work on N95. The binary that launched okay on the Mobile was Skype_S60_3_0_v_1_5_0_12.sisx. Though this binary launches the client and one can choose between the usual Sign In or Register new skype name buttons, it wasn't possible to login with the username and skype. After a bunch of prolonged waiting trying to Sign in the skype showed up again the Skype Login Name and Password prompts.

I spend some more time, trying to Install Fring – free mobile, chat, voice, video Skype substitute program, after reading on few Symbian Forums that fring is able to be used as a mobile substitute for Skype. Just a bit after installing it I've red on some forums some other posts from  2010, saying fring support for Skype is no longer available.  I tried also to login to Fring's client with Skype Login and Pass but login failed thus uninstalled Fring and continued researching online whether Skype can somehow be used on Nokia N95 mobile.

I've found a Skype Java (.JAR) same file version which I have also installed on my Nokia 9300i and downloaded and tried this one as well. Guess what it works 😉 It is not supporting Outgoing Skype users video clients, and it supports incoming Skype Video calls only with pre-purchased Skype call minutes, but Skype messaging works. I've made mirror of nokiaN95.jar Nokia N95 Java skype program here. I was lazy to research further if there is some other software or symbian old version mirrored somewhere on the net working with the N95, but I guess it is possible. If someone reading this post knows a better Skype binary supporting Skype Video and Voice please drop a comment how ? Other way to use skype without loosing time to install Skype client is http://IMO.IM web Skype service