On 03/03/2013 05:39 PM, Reindl Harald wrote:
Am 03.03.2013 22:49, schrieb Robert Moskowitz:
On 03/03/2013 04:33 PM, Reindl Harald wrote:
Am 03.03.2013 22:30, schrieb Robert Moskowitz:
I am trying to recall back at least 2 years, and my notes are poor, and my searching appears to be worst...
Seems I recall that last when I set up my apache server, the spammers were posting to it so it would send out the spam on port 25. There was some conf that I did to block this, but I did not document it, and I can't find any reference to this
what are you speaking about? apache is a WEBSERVER and has NOTHING to do with email
There was an attack, and if you search you will find references to it, where the spammers post to your web server in such a way that they relay out port 25. They send to your port 80, but you send out port 25. For example:
http://forums.fedoraforum.org/archive/index.php/t-173601.html
only if you are so stupid and enable prxy-requests and load any useless module becuse it exists - in other words: this only affects poorly wrong configured setups which have way larger problems as this one
Once upon a time, it worked this way out of the box. I did NOT set up proxy, and I was being pounded, and found I had to turn it off. Now knowing what to look for, I found my notes and it was back on my '07 server.
There is no reason for a general web server to function as a proxy, so for some time it has come with that part commented out. I looked a another '10 box (Centos 5.5) that had apache installed but never used and the proxy part was commented out.
So yes, anyone turning on proxy today without care gets what they set up. But again, who needs proxying on a general web server?