Apache being used to relay mail
Bruce Dawson
jbd at codemeta.com
Sun Apr 6 12:29:40 EDT 2003
For those of us who run web sites and are wondering why your site is
getting blacklisted for email, I've finally figured this much out:
Spammers are using the Proxy mechanisms of apache to surreptitiously
send mail. Turning off ProxyRequest and ProxyVia seems to close the
hole.
They appear to be using HTTP requests like
POST http://rogue.codemeta.com:25 HTTP/1.0
...
Just thought some of the sysadmins out there would like to know - it
took me forever to figure out the "Open Relay" was in Apache and not
sendmail!
--Bruce
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url : http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20030406/372b20bd/attachment.bin
More information about the gnhlug-discuss
mailing list