Mongo Configuration

Create admin user:

Connect with mongo command, then type use admin.

After run db.createUser({user: “mongo”, pwd: “mongo”, roles: [“userAdminAnyDatabase”]});

the new user you set is mongo and password mongo but you can choose what you want.

use these command:

show collections
use admin    ->   db.system.namespaces.find()
show dbs

Quantitative Trading Summary

This summary is an attempt to shed some light on modern quantitative trading since there is limited information available for people who are not already in the industry. Hopefully this is useful for students and candidates coming from outside the industry who are looking to understand what it’s like working for a quantitative trading firm. Job titles like “researcher” or “developer” don’t give a clear picture of the day-to-day roles and responsibilities at a trading firm. Most quantitative trading firms have converged on roughly the same basic organizational framework so this is a reasonably accurate description of the roles at any established quantitative trading firm.

The product of a quantitative trading company is an automated software program that buys and sells electronically traded securities to make a profit. This software program is supported by many systems designed to maintain and optimize it. Most companies are roughly divided into 3 main groups: strategy research, core development, and operations. Employees generally start and stay in one of these groups throughout a career. This guide focuses on strategy research and core development roles.

Primary job requirements:

  • Strategy research (‘research’): Programming, statistics, trading intuition, and the ability to understand market data
  • Core development (‘dev’): Low-level software engineering, networking, and system architecture

The software components of a quantitative trading system are built by one of these two teams. The majority of the components are built in-house at most major trading firms, so below is a list of the programs you could expect to build or maintain if you were on the research or dev teams. Each of these programs can be a separate process, although we’ll discuss some variants later.

Programs for live production trading:

  1. Market data parser: Dev. Normalizes each exchange’s protocol (including different versions over time) into the same internal format.
  2. Trading strategy: Research/Dev. Receives normalized data, decides whether to buy or sell.
  3. Order gateway: Dev. Converts from internal order format to each exchange’s order entry protocol (different than the market data protocol).

Programs to support live production trading:

  1. Monitoring GUI: Dev. GUIs used to be important for click traders but are now mainly used to monitor that the trading system is performing appropriately. They are still occasionally used to manually adjust a few parameters, such as overall risk tolerance.
  2. Drop copy: Dev. Secondary order confirmation to make sure you have the trading positions you think you do.
  3. Market data capture: Dev. Record the market data in parallel to what’s going into the strategy to verify later that the strategy behaved as intended and to run statistical tests on historical data (live capture is more reliable than purchasing from a vendor so most major firms avoid buying data from a vendor).
  4. Startup scripts: Dev/Operations. Launch all these different software programs in the right order and at the right time of day each time they need to be restarted (typically daily or weekly), and alert or recover from startup problems.

Programs to optimize and analyze the trading strategy:

  1. Parameter optimization: Research. Regressions or other metrics to help people compare one trading strategy parameter setting to another to find the best.
  2. Production reconciliation: Research. Metrics to confirm that the state in the trading strategy’s internal algorithm matched calculations using captured market data.
  3. Back testing simulator: Research. Shows estimated trading strategy profit or loss on historical data.
  4. Graphing: Dev/Research. Display profit or loss, volume, price and other statistics over time.

In a ‘typical’ established quantitative trading company the department breakdown would be:

  • Research
  • Dev
  • Back office and operations
    • operations/monitoring
    • telco/networking/hardware
    • accounting/HR
    • management/business development
    • legal/compliance

Since we won’t focus on them later, here’s a brief description of the latter groups:

  • Operations/monitoring: Monitor strategies and risk intraday and overnight to ensure there are no problems (like Knight Capital’s +$400m loss).
  • Telco/networking/hardware: Purchase and rack servers, configure switch firmware, operating system settings, and network interface cards or FPGAs, connect co-located datacenters (possibly in different countries), etc.
  • Accounting/HR: Like any business there is tax, accounting, and human resources work
  • Management/business development: There’s a lot of legwork to trading multiple exchanges around the world, such as finding contacts in other countries, negotiating fees, licensing telecom networks, and keeping ahead of new updates.
  • Legal/compliance: Trading is one of the most regulated industries. There are US and international regulators (SEC, CFTC, FCA, etc), huge and diverse rulesets such as MIFID, industry regulating agencies like FINRA, and exchange-level self-regulatory regimes (CME, NYSE, etc) that each have their own rules. Ensuring and documenting compliance with each set of rules takes a lot of work.

Some of the key differentiating factors between quantitative trading companies are:

  1. How they divide up research teams – internal collaboration vs competition between siloed research/trading teams.
  2. Which exchanges and products they focus on.
  3. What type of trading strategy is used and how it’s optimized.

Although we are unable to explain how each specific company divides up their research/trading teams, the overall structure and organization of employees and software at most major quantitative trading firms follows a similar general pattern to what was described above.

Trading strategies

Now that you have a high-level understanding of what a typical quantitative trading company does and the different roles that exist, let’s go into more detail about trading strategies.

The industry has generally settled on three main types of strategies that are sustainable because they provide real economic value to the market:

  • Arbitrage: Arbitrage and its economic benefits have been well understood for quite some time and documented by academia. The companies that are still competitive in arbitrage have one of 3 advantages:
    • Scale: To determine that some complex option or futures spread products are mispriced relative to a set of others, nontrivial calculations must be performed, including the fee per leg, and then the hedged position has to be held and margined until expiry. Being able to manage this and have low fees requires scale.
    • Speed: Speed either comes from having faster telco or being able to hedge. For example, triangular arbitrage on FX products traded in London, NY, and Japan and are a major impetus for the Go West and Hibernia microwave telecom projects. Arbitrageurs rely on the speed of their order gateway connections so they can hedge on related markets if they are overfilled.
    • Queue position: Being able to enter one leg of an arbitrage by passively buying on the bid or selling on the offer reduces costs by not having to cross the spread on that leg, so being able to achieve good queue position can give an edge in arb trades.
  • Market Taking: Placing a marketable buy or sell order to profit from a predicted price change. The economic value market takers are being paid for is either:
    • properly pricing the relative value of related securities
    • trading and thereby contributing to price discovery in products after observed changes in supply and demand

    Like a real estate negotiation that can change a deal’s value minute-by-minute when negotiators come to the table face-to-face and discover each other’s positions, even though the fundamentals of the deal or real estate market certainly don’t fluctuate by the minute, market takers are the high-stakes-mediators of the trading world. Market taking requires predictive signals and relatively low-latency because you pay to cross the spread. A common low-latency market taking strategy would be to attempt to buy the remaining liquidity at a price after a large buy trade. Some firms have FPGAs configured to send orders as soon as they see a trade message matching the right conditions (more on this later).

  • Market Making: Posting passive non-marketable buy and sell orders with the goal to profit from the spread. The economic value market makers are being paid for is connecting buyers and sellers who don’t arrive at the market at the same time. Market makers are compensated for the risk that there may be more buyers than sellers or vice versa for an extended time, such as during times of market stress.

Basic trading system design

A quantitative trading system’s input is market data and its output is orders. In between is the strategy algorithm.


The input to a trading system is tick-by-tick market data. The input is handled in an event loop. The events are the packets sent by the exchange that are read off the network and normalized by the market data parser. Each packet gives information about the current supply and demand for a security and the current price. A packet can tell you one of three things:

  • A limit order was added to the book. Primary fields: {price, side, order id, quantity}
  • A limit order was canceled. Primary fields: {order id}
  • A trade occurred. Primary fields: {price, aggressor side, quantity}

For example, a few packets look like this (for a more detailed, real example see here):

AddOrder { end_of_packet: 1; seq_number: 103901; symbol_id: 81376629; receive_time: 13:03:46.304606537089; source: 1; side: S; qty: 1; order_id: 210048618; price: 99.25; }

CancelOrder { end_of_packet: 1; seq_number: 103900; symbol_id: 81376629; receive_time: 13:03:41.863834923132; source: 1; qty: 0; order_id: 210048542; price: 99.00; side: S; }

Trade { end_of_packet: 1; seq_number: 103902; symbol_id: 81376629; receive_time: 13:03:46.304606537835; source: 1; aggressor_side: B; qty: 1; order_id: 210048321; price: 99.00; match_id: 20154940; }

If the trading system adds up all the AddOrder packets and subtracts CancelOrder and Trade packets, it can see what the order book currently looks like. The order book shows the aggregate visible supply and demand currently available at each price. The order book is an industry-standard normalization layer.

When you add up all the orders, the order book could look like this:

Sell 10 for $99.25

Sell 5 for $99.00 (best offer)

Buy 10 for $98.75 (best bid)

Buy 10 for $98.50

This is the main view of the market data input used by the strategy algorithm.

Strategy algorithm

To put into practice what we discussed above, let’s outline a market taking strategy utilizing what is often referred to as market micro-structure signals that may have made money back before quantitative trading became very competitive. Some companies have each member of their intern classes program a strategy like this as a teaching project during a summer. This strategy calculates some signals using the order book as input, and buys or sells when the aggregate signals are strong enough.

Market microstructure signals

A signal is an algorithm that takes market data as the input and outputs a theoretical price for a security. Market micro-structure signals generally rely on price, size, and trade data coming directly from data feeds. Please reference the order book state provided previously as we walk through the following signal examples.

  • A basic signal, likely used in some form by most firms, is ‘book pressure’. In this case book pressure is simply (99.00*10 + 98.75*5)/(10+5) = 98.9167. Because there is more demand on the bid, the theoretical price is closer to the offer than the bid. Another way of understanding why this is a valid predictor it is that if buy and sell trades randomly arrive in the market on the bid and offer, then there’s a 2/3 chance of them filling the entire offer before the entire bid, because it’s 2 times bigger, so the expected future price is slightly closer to the offer than the bid.
  • A second basic signal that many quantitative trading firms use is ‘trade impulse’. A common form is to plug trade quantity into something like the book pressure formula, but with the average bid and offer quantity in the denominator instead of the current quantity (let’s say the average is 15). So if there is a sell trade for 9 on this book, the trade impulse would be -0.25*9/15 = -0.15. This example signal would only be valid for the span of 1 packet. Another way of understanding why this is a valid predictor is that sometimes buy and sell trade quantity is autocorrelated over very short intervals, because there are often multiple orders in flight sent in reaction to the same trigger by different people (this is easily measured), so if you see one sell trade, then typically the next order will also be a sell.
  • A third common basic signal is ‘related trade’. Basically, you could just take the same signal as (2), but translate it over from a different security that is highly correlated, by multiplying it by the correlation between them.

The book pressure and trade impulse signal are enough to create a market taking strategy. After the sell trade for 9, the remaining quantity on the book is:

Sell 10 for $99.25

Sell 5 for $99.00 (best offer)

Buy (10-9 = 1) for $98.75 (best bid)

Buy 10 for $98.50

But our theoretical price is = book pressure + trade impulse = (99.00*1 + 98.75*5)/(1+5) + -0.25*9/15 = 98.79167 – 0.15 = $98.64167! Since our theoretical price is below the best bid, we will send an order to sell the last remaining quantity of 1 at $98.75, for a theoretical profit of $0.10833.

That is a high-level overview of a simple quantitative strategy, and provides a basic understanding of the flow from the input (market data) to the output (orders).

Digression: Trade signal on an FPGA

If you ran the market taking strategy from the previous section live in a real trading system, you would likely find that your orders rarely get filled. You want to trade when your theoretical price implies there’s a profitable opportunity, but other trading systems are faster than yours so their orders reach the market first and there’s nothing left for you.

State of the art latency, as of 2017, can be achieved by putting the trading logic on an FPGA. A basic trading system architecture with an FPGA is to have the FPGA connected directly to the exchange and also to the old trading system. The old trading system is now only responsible for calculating hypothetical scenarios. Instead of sending the order, it notifies the FPGA what hypothetical condition needs to be met to send the order. Using the same case as before, it could hypothetically evaluate the signal for a range of trade quantities:

  • Sell trade, quantity = 1…
  • Sell trade, quantity = 2…
  • Sell trade, quantity = 3…
  • Sell trade, quantity = 4…
  • Sell trade, quantity = 5…
  • Sell trade, quantity = 6: (99.00*4 + 98.75*5)/(4+5) + -0.25*6/15 = 98.7611
  • Sell trade, quantity = 7: (99.00*3 + 98.75*5)/(3+5) + -0.25*7/15 = 98.7271
  • Sell trade, quantity = 8…

With any sell trade of quantity 7 or more, the theoretical price would cross below the threshold of the best bid (98.75), indicating a profitable opportunity to trade, so we’d want to send an order to sell the remaining bid. With a trade quantity of 6 or less we wouldn’t want to do anything.

The FPGA is pre-programmed to know the byte layout of the exchange’s trade message, so all it has to do now is wait for the market data, and then check a few bits and send the order. This doesn’t require advanced Verilog. For example, the message from the exchange could look like the following struct:

struct Trade {

uint64_t time;

uint32_t security_id;

uint8_t side;

uint64_t price;

uint32_t quantity;

} __attribute__((packed));

Because of the relative ease of this setup, it has become a very competitive trade – some trading firms can make these types of trade decisions in less than one microsecond. Also, because the FPGA connects directly to the exchange, an additional connection must be purchased for each FPGA, which can get expensive. Unfortunately, if you only have one shared connection, and broadcast data internally with a switch, the switch might introduce too much latency to be competitive. Many companies will now pay for multiple connections which raises their costs significantly.

Digression: ‘Minimum viable trading system’

As I mentioned above, the simple 3-signal trading strategy could have made money several years ago. Even a few years ago, the ‘minimum viable trading system’ that could cover trading fees was simple enough that an individual could build a successful one. Here’s a good article by someone who created their own trading system in 2009, and could be another starting point to understand the basics of automated trading if all of this has gone over your head-

This guide only covers, at a high level, trading and work being done by professionals in established quantitative trading firms, so things like co-location, direct connection to the exchange without going through an API, using a high-performance language like C++ for production (never Python, R, Matlab, etc), Linux configuration (processor affinity, NUMA, etc), clock synchronization, etc are taken for granted. These are large and interesting topics which are now well understood inside and outside the industry.

Other strategies besides market micro-structure signals

Market micro-structure signal based strategies, as described above before the two digressions, are just one type of strategy. Here are some other example trading strategy algorithm components used by many major quantitative trading companies:

  • Model based
  • Rule based
    • Only buy or sell during a certain time range
    • Don’t trade against an iceberg order
    • Cancel a resting order if the queue position is worse than 50%
    • Don’t trade if the last 10 trades lost money

Supporting research infrastructure

Now that you have a brief high-level overview of the production trading system, let’s dive deeper into research. The job of a researcher is to optimize the settings of the trading system and to ensure it is behaving properly. Working for an established company, this whole software system will likely already be in place, and your job would be to make it better.

With that in mind, here are some more details about 4 other main software components I listed above that are programmed and used by the research team to optimize and analyze the trading strategy:

  1. Parameter optimization: Most major quantitative trading firms have a combination of signals, model-based pricing, and rule-based logic. Each of these also have parameters. Parameters enable you to tailor a generic strategy to make more money on a specific product, or adapt it over time. For one product, you might want to weight a certain signal higher than another, or you might want to down-weight it as the signal decays. You quickly run into the curse of dimensionality as parameter permutations multiply. One of the main jobs for a researcher is to figure out the optimal settings for everything, or to figure out automated ways of optimizing them. Some approaches include:
    • Manual selection based on intuition
    • Regression for signal weights or hedge ratios
    • Live tweaking or AB testing in production
    • Backtesting different settings and picking the best
  2. Production reconciliation: Sophisticated strategies have many internal components that need to be continually verified in live production trading. Measuring these, monitoring them, and alerting on discrepancies is how researchers make sure things are working as they expected. If the algorithm performs differently in production than it did on historical data, then it may lose money when it was supposed to be profitable.
  3. Backtesting simulator: Plenty of information is available publicly about backtesting, such as the tools available from Quantopian or TradeStation. Simulating a low latency strategy using tick data is challenging. The volume of data to simulate a single day reaches into the 100s of GBs so storing and replaying data requires carefully designed systems.
  4. Graphing: The trading strategy is a mathematical formula in a computer, so debugging it and adding new features can be difficult. Utilizing a Python or JavaScript plotting library to publish custom data and statistics can be helpful. Additionally, it is essential to understand positions and profits or losses during and after the trading day. Graphical representations of different types of data sets makes many tasks easier.


Most people who are new to the industry think that researchers primarily work on new signal development, and developers primarily optimize latency. Hopefully now it’s obvious that the system has so many components that those two jobs are just a few parts of a much wider set of roles and responsibilities. The most important skills for success are actually very close attention to detail, hard work, and trading intuition. On top of that it should be clear that having strong programming skills is essential. All of these systems are tailor-made in-house and have to be constantly tweaked and improved by the users themselves – you.


If you’re interested in joining our team at Headlands, please see our careers page and send your resume to



The information above is a collection of some helpful information to shed some light on what a quantitative trading firm does and what you could be doing if you worked at one.  The information, although intended to be helpful to you, should not be relied on and is not represented to be accurate or current. Please note this is by no means an exhaustive description of what goes on at a quantitative trading firm.  Nor should this be taken as covering industry best practices or everything you need to know to start trading quantitatively.  This is simply a very high overview of information I think those considering joining a quantitative trading firm may find useful as they navigate the interview process. 

Appendix: Latency and the timing of events

Similar to the breakdowns by Grace Hopper ( and Peter Norvig (, here’s a table of approximately how long things take:

  • Time to receive market data and send an order via an FPGA: ~300 nanoseconds
  • Time to receive market data and send an order via a ‘slow’ software trading system: ~30 microseconds
  • Minimum time between two packets from the exchange: ~10-1000 microseconds
  • Microwave between BATS and INET stock exchanges: ~100 microseconds
  • Fiber between BATS and INET stock exchanges: ~150 microseconds
  • Time for an exchange to match an order and send a response: ~100 microseconds – ~5 milliseconds
  • Microwave between NY and Chicago: ~4 milliseconds
  • Fiber between NY and Chicago: ~7 milliseconds
  • Fiber between NY and European exchanges: ~35 milliseconds

Appendix: Exchange idiosyncrasies

Exchanges almost all use different technology, some which dates back 10+ years. Different technology decisions and antiquated infrastructure have resulted in trading idiosyncrasies. There are many publicly available discussions of the effects of these idiosyncrasies. Here are a few interesting items:

10 Simple Tricks to Eliminate Spam User Registration

Are you getting hit with notifications of spammy accounts being created on your WordPress website? Take action now to stop spam in its tracks. In this article, we’ll show you 10 simple tricks to eliminate spam user registration.

Stop Spam Registrations in WordPress

Did you know that malicious computer programs called “spambots” search the internet looking for vulnerable websites? One method they have of forcing themselves into your site is by creating spammy user accounts.

By default, WordPress websites allow for user registrations from a specific link:

These spambots are programmed to go looking for that link to register fake users.

To protect your site and stop spammer registrations in WordPress, you can use the simple tricks below.

Note: You don’t need to do ALL of the methods listed here. Instead, just pick the ones that work for you and your site.

1. Set the Default User Role in WordPress

The first way you can protect your website is to change the default settings for new account registrations.

To do that, you can go to Settings » General.  Here you can uncheck the Membership box to make sure that no one can register on your site.

What if you want to allow real visitors to register, though? For example, you might want to require new readers to register for an account before they comment on your blog posts.

In that case, we recommend using the Subscriber role as the default role for new members. It’s more secure than other roles because it doesn’t allow access to the WordPress Admin Dashboard.

To set that up, you’ll need to enable the Anyone can register checkbox and set the default role to subscriber.

For more detailed info on your different options here, you can check out our guide on WordPress user roles and permissions.

2. User Registration Form

If you’re going to allow users to register on your site, it’s smart to create a custom user registration form.

You can use the WPForms User Registration Addon to create a more secure form than the default WordPress user registration form, thanks to WPForms’ built-in form security features.

The first thing you need to do is install and activate the WPForms plugin. Here’s a step by step guide on how to install a WordPress plugin.

Once you have installed WPForms, go to WPForms » Addons and find the User Registration Addon. To access this addon, you must have the Pro license plan.

Next, see our tutorial on How to Create a User Registration Form in WordPress to create a form.

3. Email Activation for User Registration

User Email Activation is an optional security measure is available within the WPForms User Registration addon.

When you require a user to click a confirmation link in their email, spambots are less likely to get through this security step.

Let’s go turn that on now.

Go to Settings »  User Registration.  On the right-hand preview panel, scroll down to the User Activation Method and select User Email.

That’s it! Don’t forget to save your changes.

4. Administrator Approval for New Users

If you’d like an even more secure method of user registration, you can opt for Manual Approval.

This approval method will require you to review each user registration request before the new user can join your website.  You’ll receive an email notice for each request, and the option to approve or deny the new member.

To activate this method, go to Settings »  User Registration. On the right-hand preview panel, scroll down to the User Activation Method and select Manual Approval.


Another way to stop spam user registrations is to use a CAPTCHA field.

CAPTCHA is a test question that the user must answer in order to submit the form. Sometimes this can be blurry text from an image that they must reenter, a checkbox, or a simple question.

We have created our CAPTCHA field to prompt users for a simple math problem, or to use custom questions.

To set this up on your forms, first you need to activate the Custom CAPTCHA addon. Then a new Fancy Field called “CAPTCHA” will be added to the Form Builder. Simply drag & drop this field in your form.


By default, it will show random math questions. However, when you click to edit the CAPTCHA form field it will allow you to choose between the math option or the Question and Answer option. If you select Question and Answer, you can enter your own custom question.

Once you’re done configuring the CAPTCHA field, simply save your form. Now users must answer your CAPTCHA question correctly in order for the form to submit.


CAPTCHA is an effective way to block spambots, but it can also be annoying for your real users.

Instead of using the custom CAPTCHA option we just mentioned, you can use the reCAPTCHA tool Google created.

The advantage of using reCAPTCHA is that users only need to click a checkbox, instead of having to solve math problems or answer questions. This can improve your form conversions by giving your users less work to do.

To activate reCAPTCHA on your form, you can go to WPForms » Addons and find the reCAPTCHA Addon.

Then edit your form and go to Settings » General. Take a look on the right-hand preview panel near the bottom of the screen and check Enable reCAPTCHA.

7. Honeypot Anti-Spam

Would you rather avoid giving users a CAPTCHA field entirely? In that case, you can use the Honeypot option.

Honeypots are great because they don’t bother users like a CAPTCHA. In fact, they’re completely invisible to your real users.

Basically, a honeypot is a hidden field in your form that’s meant to stay blank. But spambots will see it, and automatically fill it out.

When the honeypot field is filled in, we can reject the form as spam.

WPForms has an anti-spam honeypot feature built in, and it’s enabled on your forms by default. You can find the option under Settings » General when editing your form.

At the bottom of the the right-hand preview panel, you’ll see that Enable anti-spam honeypot is selected by default.

8. Stop Spammer Registrations

Another step you can take to stop spammer registrations is to use the Stop Spammers Spam Prevention WordPress plugin.

The plugin uses a number of spam prevention techniques, including checking Akismet for known spamming activity to proactively block spammers. The plugin also maintains a list of bad hosts known for tolerating spam activity and blocks them.

Once you’ve activated the plugin, you can go to Stop Spammers » Protection options.

The default settings on this page will work for most websites. However, you can uncheck a few of them if you find that your legitimate users are unable to login.

There is a small chance that this plugin could lock you out of your site’s admin area. If this happens, the simplest solution is to connect to your site through FTP and rename the plugin file from stop-spammer-registrations.php to stop-spammer-registrations.locked.

WordPress will automatically deactivate the plugin for you, and you can now access the admin area of your site.

9. IP Address Blocking

Did you know that each computer on the internet can be identified with a unique number known an IP Address?  When you discover which IP Address is sending spam to your site, you can block that address from accessing your site entirely.

To track the IP Addresses that are using your form, go to Settings » Notificationswithin the form editor.

Next to the Message field, click Show Smart Tags and click on User IP Address.

When you receive your next email notification, you’ll see what the user’s IP Address is.

Want to block that IP address from accessing your site?

One way to do this is to go to your web hosting company and ask for support in blocking them. Another way to block an address is to use a security plugin such as Sucuri to blacklist the IP Address.

10. Sucuri

Sucuri is a website security company that specializes in WordPress security. They protect your website from hackers, malware, DDoS and blacklists.

When you enable Sucuri, all your site traffic goes through their CloudProxy firewall before coming to your hosting server. This allows them to block all the attacks and only send you legitimate visitors.

On top of the increased security, the firewall also makes your website faster, and you may even be able to save money on your hosting bill because your server load will go down significantly.

Learn more about Sucuri’s benefits in our review: How Sucuri Helped Us Block 450,000 WordPress Attacks in 3 Months.

Good work! You now know how to stop spam registrations in WordPress.

Do you want some great tips on how to discover more information about your customers? You might also want to check out our guide on clever web form hacks to unlock hidden customer data.

What are you waiting for? Get started with the most powerful WordPress forms plugin today.

If you like this article, then please follow us on Facebook and Twitter for more free WordPress tutorials.

How to show ip for postfix smtp

The current connection over 25 port command:

watch ‘netstat -na | grep :25’

with this command, you can see the external ip that user the server to send emails.

while true
        lsof-i | grep smtp
        sleep 10
with this command you can find the username of the spammer software

How to unban ip with Failban

fail2ban-client set postfix unban ip

how to show jail list :
fail2ban-client status

how to view the status of a jail:
fail2ban-client status roundcube
show all the ipa for all jails
fail2ban-client status | grep “Jail list:” | sed “s/ //g” | awk ‘{split($2,a,”,”);for(i in a) system(“fail2ban-client status ” a[i])}’ | grep “Status\|IP list”

How to remove from Postfix queue only one mail address

execute this command :


insert this code:


$REGEXP = shift || die “no email-adress given (regexp-style, e.g. bl.*\!”;

@data = qx</usr/sbin/postqueue -p>;

for (@data) {

  if (/^(\w+)(\*|\!)?\s/) {

     $queue_id = $1;


  if($queue_id) {

    if (/$REGEXP/i) {

      $Q{$queue_id} = 1;

      $queue_id = “”;




#open(POSTSUPER,”|cat”) || die “couldn’t open postsuper” ;

open(POSTSUPER,“|postsuper -d -“) || die “couldn’t open postsuper” ;

foreach (keys %Q) {

   print POSTSUPER $_\n;



execute this command:

chmod 755

run in this way:


Install nmap and check which ports are open.Centos 7

yum install nmap

now scan the ports with :

nmap -sT -O localhost


Nmap scan report for localhost (

Host is up (0.000083s latency).

rDNS record for localhost.localdomain

Not shown: 972 closed ports


21/tcp    open  ftp

22/tcp    open  ssh

25/tcp    open  smtp

53/tcp    open  domain

80/tcp    open  http

110/tcp   open  pop3

111/tcp   open  rpcbind

143/tcp   open  imap

443/tcp   open  https

783/tcp   open  spamassassin

993/tcp   open  imaps

995/tcp   open  pop3s

1080/tcp  open  socks

1081/tcp  open  pvuniwien

2005/tcp  open  deslogin

2009/tcp  open  news

3005/tcp  open  deslogin

3306/tcp  open  mysql

5432/tcp  open  postgresql

8009/tcp  open  ajp13

8080/tcp  open  http-proxy

8081/tcp  open  blackice-icecap

9009/tcp  open  pichat

9080/tcp  open  glrpc

9090/tcp  open  zeus-admin

9100/tcp  open  jetdirect

10024/tcp open  unknown

10025/tcp open  unknown

No exact OS matches for host (If you know what OS is running on it, see ).

TCP/IP fingerprint:











Network Distance: 0 hops

OS detection performed. Please report any incorrect results at .

Nmap done: 1 IP address (1 host up) scanned in 12.22 seconds

now scan from external :

nmap -sT -O <ip>


Starting Nmap 7.50 ( ) at 2017-07-23 09:30 CEST

Nmap scan report for (<ip>)

Host is up (0.035s latency).

rDNS record for <ip>: mail.

Not shown: 978 closed ports


21/tcp   open     ftp

22/tcp   open     ssh

25/tcp   open     smtp

53/tcp   open     domain

80/tcp   open     http

110/tcp  open     pop3

111/tcp  open     rpcbind

135/tcp  filtered msrpc

139/tcp  filtered netbios-ssn

143/tcp  open     imap

443/tcp  open     https

445/tcp  filtered microsoft-ds

993/tcp  open     imaps

995/tcp  open     pop3s

1080/tcp open     socks

1081/tcp open     pvuniwien

2009/tcp open     news

3306/tcp filtered mysql

8009/tcp open     ajp13

8081/tcp open     blackice-icecap

9009/tcp open     pichat

9080/tcp open     glrpc

Device type: general purpose|media device|WAP|storage-misc

Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (89%), Asus embedded (86%), Synology DiskStation Manager 5.X (86%)

OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:3.x cpe:/h:asus:rt-n56u cpe:/o:linux:linux_kernel:3.4 cpe:/o:linux:linux_kernel:3.10 cpe:/a:synology:diskstation_manager:5.2 cpe:/o:linux:linux_kernel:2.6.32

Aggressive OS guesses: Linux 3.2 – 4.8 (89%), Linux 3.18 (88%), Linux 3.16 (87%), Linux 3.13 or 4.2 (87%), XBMCbuntu Frodo v12.2 (Linux 3.X) (87%), ASUS RT-N56U WAP (Linux 3.4) (86%), Linux 3.13 (86%), Linux 3.12 (86%), Linux 3.8 – 3.11 (86%), Linux 4.10 (86%)

No exact OS matches for host (test conditions non-ideal).

Network Distance: 6 hops

OS detection performed. Please report any incorrect results at .

Nmap done: 1 IP address (1 host up) scanned in 15.47 seconds


check now for LISTENING port:

Next, check for information about the port using netstat or lsof. To check for port 834 using netstat, use the following command:

netstat -anp | grep 834

result :

tcp        0      0         TIME_WAIT                      

unix  2      [ ACC ]     STREAM     LISTENING     397083455 343/amavisd (ch1-av  /var/spool/amavisd/amavisd.sock

unix  2      [ ]         STREAM     CONNECTED     481728342 25062/ruby           

unix  3      [ ]         STREAM     CONNECTED     407881834 4920/dovecot         

unix  2      [ ]         STREAM     CONNECTED     481808349 25062/ruby   

The lsof command reveals similar information since it is also capable of linking open ports to services:

lsof -i | grep 834

To check if the port is associated with the official list of known services, type:

cat /etc/services


to check the users log in use command : who

Error GET files css or js: 404 Not Found

Remove that link to your stylesheet from your index.html. You’re using the angular-cli and in your configuration, styles.css is being included by the angular-cli. Your link tag in the HTML isn’t doing anything.

(The angular cli is also dynamically injecting a link tag for that style into your html, which is why ‘it works’).

I modified my angular-cli.json :

“apps”: [
“root”: “src”,
“outDir”: “dist”,
“assets”: [
“index”: “index.html”,
“main”: “main.ts”,
“polyfills”: “polyfills.ts”,
“test”: “test.ts”,
“tsconfig”: “”,
“testTsconfig”: “tsconfig.spec.json”,
“prefix”: “app”,
“styles”: [
“scripts”: [],
“environmentSource”: “environments/environment.ts”,
“environments”: {
“dev”: “environments/environment.ts”,
“prod”: “environments/”

Exchange Server set up Mail and attachment size

To check your server’s current limit you can open and access them via Exchange Management Console (EMC), however PowerShell offers a faster method that is available also on Office 365. Run the following code in the Exchange Management Shell, or after connecting with Office 365 via remote PowerShell session:

get-transportconfig | ft maxsendsize, maxreceivesize
get-receiveconnector | ft name, maxmessagesize
get-sendconnector | ft name, maxmessagesize
get-mailbox Administrator |ft Name, Maxsendsize, maxreceivesize

To change the above size limits you can use a PS script too. The example below shows how to reduce the size of messages accepted by the transport service from the 25 MB to 15 MB.

Set-TransportConfig -MaxSendSize 15MB -MaxReceiveSize 15MB

Syntax of the command for send/receive connectors is similar, however you need to execute it for each connector’s identity. The same rule applies to mailboxes – you need to specify which mailboxes to affect by the command. Therefore, it is easier to pass over the result of the  Get- command directly to the Set- command. To do so – use the piping feature of PowerShell. E.g. setting a 10MB message size limit in  all mailboxes requires the following command:

Get-Mailbox | Set-Mailbox -MaxSendSize 10MB -MaxReceiveSize 10MB

The Get-mailbox command result is passed with the “|” pipe symbol to the Set-Mailbox command. This method works also for the send/receive connectors. The final script that sets the transport message size limit to 15 MB, send/receive connectors limits to 10 MB each, and the message size limit in all mailboxes to 10 MB presents as follows:

get-transportconfig | Set-TransportConfig -maxsendsize 15MB -maxreceivesize 15MB; get-receiveconnector | set-receiveconnector -maxmessagesize 10MB; get-sendconnector | set-sendconnector -maxmessagesize 10MB; get-mailbox | Set-Mailbox -Maxsendsize 10MB -maxreceivesize 10MB

There is a drawback however. Limits presented above are set for the message as a whole, no matter if they contain attachments or not. If the message is extremely large and contains no attachment, it will be stopped.

Attachment size limit

The only way to set size limits exclusively for attachments is to use a hub transport rule, which will detect and block messages if their attachments are over a specified size threshold.

To set up the rule you can use the below PowerShell script, as the method is quite simple:

New-TransportRule -Name LargeAttach -AttachmentSizeOver 10MB -RejectMessageReasonText "Message attachment size over 10MB - email rejected."

and final

Set-SendConnector -Identity “Default send connector” -MaxMessageSize 5MB

(this for all mailbox. you can use the mailbox instead ‘Default send connector’)

to check after :

get-sendconnector | ft name, maxmessagesize

very usefull this link …Thanks