Posts Tagged ‘Gmail’

How to clean QMAIL mail server filled Queue with spam mail messages

Friday, June 8th, 2012

Sys Admins managing QMAIL mail servers know, often it happens QMAIL queue gets filled with unwanted unsolicated SPAM e-mails due to a buggy WEB PHP / Perl mail sendingform or some other odd reason, like too many bouncing messages ,,,,

For one more time I’ve experienced the huge SPAM destined mails queue on one QMAIL running on Debian GNU / Linux.

= … Hence I needed to clean up the qmail queue. For this there is a little tool written in PERL called qmhandle

A+) Download qmhandle;

Qmhandle’s official download site is in SourceForge

I’ve made also a mirror copy of QMHandle here

qmail-server:~# cd /usr/local/src
qmail-server:/usr/local/src# wget -q

As it is written in the program documentation one has to be very careful when cleaning the mail queue. Be sure to stop qmail with qmailctl or whatever script is used to shutdown any mail sever in progress operations, otherwise there is big chance the queue to mess up badly .

C#) Check extended info about the mail queue:

qmail-server:/usr/local/src/qmhandle-1.3.2# ./qmhandle -l -c
102 (10, 10/102) Return-path:
Subject: =?UTF8?B?QWNjb3VudCBpbmZvcm1hdGlvbiBmb3IgU09DQ0VSRkFNRQ==?=
Date: 1 Sep 2011 21:02:16 -0000
Size: 581 bytes
1136 (9, 9/1136)
Subject: Link Exchange Proposal /
Date: Fri, 2 Sep 2011 07:58:52 +0100 (BST)
Size: 1764 bytes
1103 (22, 22/1103)
Subject: =?UTF8?B?QWNjb3VudCBpbmZvcm1hdGlvbiBmb3IgU09DQ0VSRkFNRQ==?=
Date: 2 Sep 2011 00:36:11 -0000
Size: 578 bytes
Total messages: 1500 Messages with local recipients: 0
Messages with remote recipients: 1500
Messages with bounces: 500
Messages in preprocess: 300

D-) Delete the Queue
qmail-server:/usr/local/src/qmhandle-1.3.2# ./qmHandle -D

Fina1ly launch the qmail to continue normal oper.

qmail-server:~# qmailctl start

Share this on

How to quickly check unread Gmail emails on GNU / Linux – one liner script

Monday, April 2nd, 2012

I've hit an interesting article explaining how to check unread gmail email messages in Linux terminal. The original article is here

Being able to read your latest gmail emails in terminal/console is great thing, especially for console geeks like me.
Here is the one liner script:

curl -u \
--silent "" | tr -d '\n' \
| awk -F '' '{for (i=2; i<=NF; i++) {print $i}}' \
| sed -n "s/

Linux Users Group M. – [7] discussions, [10] comments and [2] jobs on LinkedIn
Twitter – Lynn Serafinn (@LynnSerafinn) has sent you a direct message on Twitter!
Facebook – Sys, you have notifications pending
Twitter – Email Marketing (@optinlists) is now following you on Twitter!
Twitter – Lynn Serafinn (@LynnSerafinn) is now following you on Twitter!
NutshellMail – 32 New Messages for Sat 3/31 12:00 PM
Linux Users Group M. – [10] discussions, [5] comments and [8] jobs on LinkedIn
eBay – Deals up to 60% OFF + A Sweepstakes!
LinkedIn Today – Top news today: The Magic of Doing One Thing at a Time
NutshellMail – 29 New Messages for Fri 3/30 12:00 PM
Linux Users Group M. – [16] discussions, [8] comments and [8] jobs on LinkedIn
Ervan Faizal Rizki . – Join my network on LinkedIn
Twitter – LEXO (@LEXOmx) retweeted one of your Tweets!
NutshellMail – 24 New Messages for Thu 3/29 12:00 PM
Facebook – Your Weekly Facebook Page Update
Linux Users Group M. – [11] discussions, [9] comments and [16] jobs on LinkedIn

As you see this one liner uses curl to fetch the information from's atom feed and then uses awk and sed to parse the returned content and make it suitable for display.

If you want to use the script every now and then on a Linux server or your Linux desktop you can download the above code in a script file here

Here is a screenshot of script's returned output:

Quick Gmail New Mail Check bash script screenshot

A good use of a modified version of the script is in conjunction with a 15 minutes cron job to launch for new gmail mails and launch your favourite desktop mail client.
This method is useful if you don't want a constant hanging Thunderbird or Evolution, pop3 / imap client on your system to just take up memory or dangle down the window list.
I've done a little modification to the script to simply, launch a predefined email reader program, if gmail atom feed returns new unread mails are available, check or download my here
Bear in mind, on occasions of errors with incorrect username or password, the script will not return any errors. The script is missing a properer error handling.Therefore, before you use the script make sure:


are 100% correct.

To launch the script on 15 minutes cronjob, put it somewhere and place a cron in (non-root) user:

# crontab -u root -e
*/15 * * * * /path/to/

Once you read your new emails in lets say Thunderbird, close it and on the next delivered unread gmail mails, your mail client will pop up by itself again. Once the mail client is closed the script execution will be terminated.
Consised that if you get too frequently gmail emails, using the script might be annoying as every 15 minutes your mail client will be re-opened.

If you use any of the shell scripts, make sure there are well secured (make it owned only by you). The gmail username and pass are in plain text, so someone can steal your password, very easily. For a one user Linux desktops systems as my case, security is not such a big concern, putting my user only readable script permissions (e.g. chmod 0700)is enough.

Share this on

How to change users quota to NO QUOTA on Qmail with Vpopmail Mail server install / Qmail mail over quota issue

Monday, February 20th, 2012


Qmail Vpopmail quota exceeded Dolphin Logo

Already on a couple of mail boxes located on one of the qmail powered mail servers I adminiter, there is an over QUOTA reached problem encountered.

Filling up the mailbox quota is not nice as mails starts get bounced back to the sender with a message QUOTA FULL or EXCEEDED MESSAGE, if this is a crucial mail waiting for some important data etc. the data is never received.
Below is a copy of the mail quota waarning notification message:

Date: Wed, 15 Feb 2012 17:40:36 +0000
X-Comment: Rename/Copy this file to ~vpopmail/domains/.quotawarn.msg, and make appropriate changes
X-Comment: See README.quotas for more information
From: Mail Delivery System <>
To: Valued Customer:;
Subject: Mail quota warning
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 7bit
Your mailbox on the server is now more than 90% full. So that you can continue
to receive mail you need to remove some messages from your mailbox.

As you can read from the copy of the mail message above, the message content sent to the mail owner whose quota is getting full is red from /var/vpopmail/domains/.quotawarn.msg

The mail reaching quota problem is very likely to appear in cases like low mailbox quota set, but sometimes also occurs due to bugs in vpopmail quota handling.

Various interesting configuration settings for mail quotas etc. are in /home/vpopmail/etc/vlimits.default file, (assuming vpopmail is installed in /home).

In my specific case, the default vpopmail mailbox quota size was set to only 40 Megabytes.
40MB is too low if compared to todays mailbox size standards which in Gmail and Yahoo  mail services are already a couple of gigabytes.
Hence to get around the quota troubles, I  removed the quota for the mail.
To remove the quota size in vpopmail set for address ( used cmd:

qmail-server:~# vmoduser -q NOQUOTA

To save myself from future quota issues, I decided to apply a permanent fix to all those over quota size VPOPMAIL mailbox problems by removing completely quota restriction for all mailboxes in my vpopmail existent mail domain.

To do so, I wrote a quick simple bash loop one-liner script:

qmail-server:~# cd /home/vpopmail/domains
qmail-server:~/vpopmail/domains# cd
qmail-server:~/vpopmail/domains/ for i in *; do \
vmoduser -q NOQUOTA $(echo $i|grep -v vpasswd); \

This works only on vpopmail installations which are configured to store the mail messages directly on the filesystem. Therefore this approach will not work for people who during vpopmail install had configured it to store mailboxes in MySQL or in other kind of SQL db engine.

Anyways for Vpopmail installed to use SQL backend, the script can be changed to read directly a list with all the mailboxes obtained from databasae (SQL query) and then, loop over each of the mail addresses apply the vmoduser -q NOQUOTA

I've written also a few lines shell script (, it accepts one argument which is a vpopmail domain to which the admin would like to reset all applied mailbox quotas. The script is useful, if you have to often remove all quotas for vpopmail domainsor have to do quota wipe out simultaneously for multiple email domain names  located on different servers.

Share this on

IE PassView – View stored Microsoft Internet Explorer passwords program

Thursday, January 5th, 2012

While checking a friend of mine's blog, I've seen a reference to a Windows program capable of revealing stored website passwords.
Check stored internet explorer passwords in plaintext with IE PassView

IE PassView is a small password management utility that reveals the passwords stored by Internet Explorer Web browser, and allows you to delete passwords that you don't need anymore. It supports all versions of Internet Explorer, from version 4.0 and up to 9.0.
Ie PassView is quite a good one for crackers, who would like to steal some lame poor Windows IE user facebook,gmail, yahoo etc. passwords 😉 here is a link to IE Passview's download page

Share this on

How to crack password protected rar and 7z files on GNU / Linux

Friday, October 7th, 2011

break / crack password protected rar, zip archives on Linux and FreeBSD rarcrcack

RarCrack is able to crack rar and 7z archive files protected by password on Linux.
The program is currently at release version 0.2, so its far from perfection, but at least it can break rars.

RarCrack is currently installable on most Linux distributions only from source, to install on a random Linux distro, download and make && make install . RarCrack’s official site is here, I’ve mirrored the current version of RarCrack for download here . To install rarcrack from source using the mirrored version:

linux:~# wget
linux:~# tar -jxvvf rarcrack-0.2.tar.bz2
linux:~# cd rarcrack-0.2
linux:~/rarcrack-0.2# make
linux:~/rarcrack-0.2# make install

On FreeBSD, rarcrack is available and installable via the ports tree, to install on FreeBSD:

freebsd# cd /usr/ports/security/rarcrack
freebsd# make && make install

To use RarCrack to crack rar, zip or 7z archive file:

freebsd% rarcrack rar_file_protected_with_password.rar --type rar

The argument –type rar is optional, in most archives RarCrack should detect the archive automatically. The –type option could also take the arguments of rar and 7z .

I’ve created a sample rar file protected with password linux_then_and_now.png.rar . The archive linux_then_and_now.png contains a graphic file illustrating the linux growth in use in computers, mobiles and servers. linux_then_and_now.png.rar is protected with the sample password parola

RarCrack also supports threads (a simultaneous instance spawned copies of the program). Using threads speeds up the process of cracking and thus using the –threads is generally a good idea. Hence a good way to use rarcrack with the –threads option is:

freebsd% rarcrack linux_then_and_now.png.rar --threads 8 --type rar
RarCrack! 0.2 by David Zoltan Kedves (
INFO: the specified archive type: rar
INFO: cracking linux_then_and_now.png.rar, status file: linux_then_and_now.png.rar.xml
Probing: '0i' [24 pwds/sec]
Probing: '1v' [25 pwds/sec]

RarCrack‘s source archive also comes with three sample archive files (rar, 7z and zip) protected with passwords for the sake of testing the tool.
One downside of RarCrack is its extremely slow in breaking the passwords on my Lenovo notebook – dual core 1.8ghz with 2g ram it was able to brute force only 20-25 passwords per second.
This means cracking a normal password of 6 symbols will take at least 5 hours.
RarCrack is also said to support cracking zip passwords, but my tests to crack password protected zip file did not bring good results and even one of the tests ended with a segmentation fault.

To test how rarcrack performs with password protected zip files and hence compare if it is superior or inferior to fcrackzip, I used the fcrackzip’s sample pass protected zip

hipo@noah:~$ rarcrack --threads 8 --type zip
2 by David Zoltan Kedves (
INFO: the specified archive type: zip
INFO: cracking, status file:
Probing: 'hP' [386 pwds/sec]
Probing: 'At' [385 pwds/sec]
Probing: 'ST' [380 pwds/sec]

As you can see in above’s command output, the zip password cracking rate of approximately 380 passwords per second is a bit quicker, but still slower than fcrackzip.

RarCrack seg faults if cracking a pass protected zip is passed on without specifying the –type zip command arguments:

linux:~$ rarcrack --threads 8
RarCrack! 0.2 by David Zoltan Kedves (
Segmentation fault

While talking about cracking protected rar and zip archives with password, its worthy to mention creating a password protected archive with Gnome Desktop on Linux and FreeBSD is very easy.

To create the password protected archive in Gnome graphic environment:

a. Point the cursor to the file you want to archive with password

Gnome pointing file properties drop down menu

b. Press on Other Options and fill in the password in the pwd dialog

Linux protect rar with password on Gnome Desktop

I think as of time of writting, no GUI frontend interface for neither RarCrack or FcrackZip is available. Lets hope some good guy from the community will take the time to write extension for Gnome to allow us to crack rar and zip from a nice GUI interface.

Share this on

Filter messages in Qmail with unwanted words, get rid of the Viagra annoying spam with Qtrap

Sunday, September 4th, 2011

Drop qmail received mail containing banned / unwanted words to get rid of Viagra and Sex related spam

Recently the annoying Viagra spam has emerged again. Therefore I decided to clean up some of the mails received to one of the qmail servers to protect users emailbox from this viagra peril.

To do so I’ve remember about an old script which used to be part of qmail install, the script is called qtrap and is able to filter emails based on list of specific mail contained words.
Since is gone (down) for some time and its still available only on few mirrored locations which by the way are not too easy to find I decided to write a little post on how could be integrated quick & easy with any Qmail + Vpopmail install out there.

Hereby I include the description for given by the script author:

“ script is applied on a per domain basis and serves as a “bad word” scanner to catch any spam that Spamassassin may have missed. This filter serves as the last defense against SPAM before it arrived in your inbox. I like this filter because it helps to get rid of any SPAM that happens to make it by Spamassassin. Without any protection at all, my mailbox gets a shit ton of SPAM every day. Within the first 3 months I enacted the Qtrap filter, Qtrap logged over 9,000 deleted SPAM messages, none of which were legitimate e-mails. My keyboard’s delete key was very appreciated the extra rest.

Any emails that are scanned and contain a banned word will be automatically deleted and logged by the qtrap script. A whitelist feature now exists so that individual addresses or domains can be exempt from the qtrap scan.”

Now as one might have general idea on what the script does. Here is the step by step integration;

1. Create necessery qtrap directory and logs and set proper permissions

If the vpopmail is installed in /home/vpopmail , issue the following commands.

debian:~# cd /home/vpopmail
debian:~# mkdir -p qtrap/logs
debian:/home/vpopmail/qtrap# cd qtrap
debian:/home/vpopmail/qtrap# wget
debian:/home/vpopmail/qtrap# cd ~
debian:~# touch /home/vpopmail/qtrap/logs/qtrap.logdebian:~# chown -R vpopmail:vchkpw /home/vpopmail/qtrapdebian:~# chmod -R 755 /home/vpopmail/qtrap

On older qmail installations it could be vpopmail is installed in /var/vpopmail if that’s the case, link /var/vpopmail to /home/vpopmail and go back to step 1. To link:

debian:~# ln -sf /var/vpopmail/ /home/vpopmail

2. Edit to whitelist email addresses and build a ban words list

a) Include the email addresses mail arriving from which would not be checked by

Inside in line 63, there is a shell function whitelist_check(), the function looks like so:

whitelist_check () {
case $WHITELIST in|
echo $SENDER found in whitelist on `date "+%D %H:%M:%S"` >> /home/vpopmail/qtrap/logs/qtrap.log
exit 0;;

By default the script has just two sample mails which gets whitelisted this is the line reading:|

The whitelisted emails should be separated with a pipe, thus to add two more sample emails to get whitelisted by script the line should be changed like:|||

In order to whitelist an entire domain let’s say add a line to the above code like:||||*

b) Defining the bad words ban list, mails containing them should not be delivery by qmail

The function that does check for the ban word list inside the script is checkall();, below is a paste from the script function:

checkall () {
printout $BANNED_WORDS
echo MESSAGE DROPPED from $SENDER because of $BANNED_WORDS on `date "+%D %H:%M:%S"` >> /home/vpopmail/qtrap/logs/qtrap.log
exit 99;;

checkall(); is located on line 74 in, the exact list of banned words which the script should look for is located on line 76, the default filters only mails containing just 4 words, e.g.:


To add the Viagra and VIAGRA common spam words to the list, modify it and expand like so:


The delimiter is again | , so proceed further and add any unwanted spam words that are not common for any legit mails.

3. Install to process all emails delivered to vpopmail

If its necessery to install the dropping of mails based on word filtering only to a single vpopmail virtualdomain do it with cmd:

debian:~# cd /home/vpopmail/domains/
debian:/home/vpopmail/domains/ touch
debian:/home/vpopmail/domains/ echo '| /home/vpopmail/qtrap/' >>
debian:/home/vpopmail/domains/ echo "| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox" >>
debian:/home/vpopmail/domains/ chown vpopmail:vchkpw
debian:/home/vpopmail/domains/ cp -rpf .qmail-default .qmail-default.bak; mv .qmail-default
If however needs to get installed for all existing vpopmail virtualdomains on the qmail server, issue a one liner bash script:

debian:~# cd /home/vpopmail/domains
debian:/var/vpopmail/domains# for i in *; do cd $i; echo "| /home/vpopmail/qtrap/" >> $i/;
echo "| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox" >> $i/;
chown vpopmail:vchkpw; mv .qmail-default .qmail-default.old; mv .qmail-default; cd ..; done

This for loop will add ‘| /home/vpopmail/qtrap/’ to all .qmail-default for all vpopmail domains.

Afterwards the .qmail-default file should contain the following two lines:

| /home/vpopmail/qtrap/
| /home/vpopmail/bin/vdelivermail '' delete

A very important thing here you should consider that adding some common words, as let’s say hello or mail etc. could easily drop almost all the emails the qmail hands in to vpopmail.

Caution!! Never ever implement common words in the list of words !!
Always make sure the banned words added to are words that are never enter an everyday legit email.

Another thing to keep in mind is that doesn’t make a copy of the received message ,though it can easily be modified to complete this task.
Any mail that matches the banned words list will be dropped and lost forever.

4. Check if is working

To check, if qtrap is working send mail to some mailbox located on the qmail server containing inside subject or mail message body the unwanted word defined inside

The mail should not be received in the mailbox to which its sent, if qtrap is working moreover should log it inside it’s log file:

debian:~# cat /home/vpopmail/qtrap/logs/qtrap.log
MESSAGE DROPPED from because of viagra on 09/03/11 11:34:19
MESSAGE DROPPED from because of Viagra on 09/03/11 11:39:29

If the qtrap.log contains records similar to the one above, and the mail matching the banned word is not delivered, is properly configured. If any issues check in qmail logs, they should have a good pointer on what went wrong with invokation.

Note that I’ve integrated to custom qmail install running on Debian Lenny 5.0 GNU/Linux.
If I have time I’ll soon test if its working fine on the latest stable Debian Squeeze and will report here in comments.
If however someone is willing to test if the script works on Debian Squeeze 6.0 or have tested it already please drop a comment to report if it works fine., is a bit oldish and is not written to work too optimal therefore on some heavy loaded mail servers it can create some extra load and a bit delay the mail delivery. Thus when implementang one needs to consider the downsides of putting it in.

Also I was thinking tt might be nice if the script is rewritten to read the ban words and whitelist mails from files instead of as it is now as the words are hard coded in the script.
If I have some free time, I’ll probably do this, though I’m not sure if this is a too good idea as this might have a negative performance impact on the script execution time, as each instance of the script invoked should do one more operation of reading a file storing the ban words.

Well that’s pretty much it, enjoy 😉

Share this on

Xtractor Extreme, Power Email Harvester and AMS (Advanced Mass Sender) three Windows programs to Beware of

Monday, August 15th, 2011

AMS (Advanced Mass Sender /Spammer) , POwer Email Harvester, Xtractor Extreme Pro Windows VPS screenshot

Few days ago, I’ve catch some Spammers on some of the servers running Windows inside Virtual Private Servers.

I was doubting if I want to write an article to mention about this 3 piece of software as it might be a bit boury however eventually I thought the goods of it will be better so I just took minutes and wrote it.

Back to the topic the three programs which the spammer was installed and prepare to do his spamming job on the VPS server was:
1. Xtractor Extreme

2. Power Email Harvester

3. Advanced Mass Sender

In order to hide his real IP address and prevent the IP he was spamming, he has also installed some anonyous proxy like Windows software called Hide My IP

The first program Xtractor is basicly an Email collector, the program crawls the net and searches to match email string on web pages.
It get target websites from major search engines.
You put an email like inside it and it starts spidering and grabs all email strings under the domain Besides that Xtractor Extreme Pro is freeware and can be easily downloaded from many locations online.

Power Email Harvester‘s program name is also quite self-explanatory, what it does is it digs the net for email addresses and generates spam lists … This is the ultimate tool for a spammer, however the guys who create this piece of disruptive software has branded it as “a marketing tool” and even sold and advertised as a tool to help an e-marketing campaign.
This is of course just a word play and in fact in my viewe these program should be prohibited by international law.

Advanced Mass Sender is another piece of Spammer software which officially is tagged as marketing software and is sold and recommended as an useful tool for e-marketing.

I’ve take the time to take a quick and test the spammer installed AMS , honestly I’ve been amazed how far spamming has went during the last 5 years.

This AMS shit is capable of creating a target groups which could easily be spammed whether each group can contain up to 200000+ ! target emails
Advanced Mass Sender can even check if a certain email is present on the remote mail server and only then tries to deliver.
Besides that it even supports sending the spam mails via multiple mail servers (simultaneously) to increase the thoroughput as well as supports proxy servers…

I decided to write this few lines article to raise some awareness about this shitty sofware in a hope that somebody who is Administrating / Supporting client owned Windows servers or Virtual Private Servers will be able to read about this 3 ones and stop spammers before they succeed to create mail havoc with their ugly spam stuff.

Share this on