Re: [exim] How can exim be determined? How can the mail tran…

Top Pagina
Delete this message
Reply to this message
Auteur: 韓家標 W B Hacker
Datum:  
Aan: exim users
Onderwerp: Re: [exim] How can exim be determined? How can the mail transfer agentbe determined for a system?
Don Saklad wrote:
> a.
> How can whether exim is the mail transfer agent be determined for this
> system?... What command will give a response with that information?...


If you are in a postion to *issue* a coomand (i..e logged onto the box
in question, then:

'less /etc/group' will show what GID mail creatures are assignmed

'top' should show you which of them, if any, are running.

There will be more in 'ls /var/pkg/db' 9inlcuidng rev levels).

And 'exim -bV' will tell you what it was compiled with.

>
> b.
> How can the mail transfer agent for a system be
> determined?... what commands get responses
> with this kind of information?...
>


Remotely:

- least-effort? Most messages *from* a given server have the entire
trail from desktop onward in the 'full' headers or 'view source'.

For example - this post of yours;

Received: from tahini.csx.cam.ac.uk ([131.111.8.192]:36449)
    by conducive.net with esmtp (Exim 4.63 (FreeBSD))
    (envelope-from <exim-users-bounces+conducive.org@???>)
    id 1JXLec-000PVr-Gm
    for wbh@???; Thu, 06 Mar 2008 19:22:21 +0000
Received: from localhost ([127.0.0.1]:41730 helo=tahini.csx.cam.ac.uk)
    by tahini.csx.cam.ac.uk with esmtp (Exim 4.69)
    (envelope-from <exim-users-bounces@???>)
    id 1JXLcF-0003PM-8D; Thu, 06 Mar 2008 19:18:55 +0000
Received: from zurich.csail.mit.edu ([128.30.16.9]:36338)
    by tahini.csx.cam.ac.uk with esmtp (Exim 4.69)
    (envelope-from <dsaklad@???>) id 1JXLc8-0003OI-3n
    for exim-users@???; Thu, 06 Mar 2008 19:18:52 +0000
Received: from nestle.csail.mit.edu (nestle.csail.mit.edu [128.30.16.13])
    by zurich.csail.mit.edu (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id
    m26J8YsU007935; Thu, 6 Mar 2008 14:08:34 -0500
Received: from dsaklad by nestle.csail.mit.edu with local (Exim 3.35 #1
    (Debian)) id 1JXLSD-0006xn-00; Thu, 06 Mar 2008 14:08:33 -0500


... says you are overdue for an upgrade from Exim 3.35 to 4.X before you
find it hard to get coal to fire it up.


- next best is to telnet to port 25 of the server. By default, the
'banner' displayed usually ID's the MTA and rev level (ours do not..)

- running a scanner, such as nmap, risks running afoul of local laws
that consider ANY sort of probe - even a 'white hat' one to be illegal.

In any case, port 25 is likely to come back on an nmap as simply 'filtered'.


HTH,

Bill