[CentOS] preventing apache from being a mail relay

Sun Mar 3 22:46:16 UTC 2013
Joseph Spenner <joseph85750 at yahoo.com>

On 03/03/2013 05:06 PM, Alexander Dalloz wrote:

> Am 03.03.2013 22:49, schrieb Robert Moskowitz:
>> There was an attack, and if you search you will find references to it,
>> where the spammers post to your web server in such a way that they relay
>> out port 25.  They send to your port 80, but you send out port 25.  For
>> example:
>> http://forums.fedoraforum.org/archive/index.php/t-173601.html
>> My old server has been running smoothly for over two years, but it is
>> time to bring the software current.  I did all the work on this back
>> then, or maybe before and copied from my earlier server.  This time I am
>> trying to build everything clean and document every change I make.
> Such a misbehaviour would be caused by a misconfigured apache proxy setup.

>It is coming back now through a pair of dark glasses. Just haven't built 
>a public web server is so long, as the old one just ran for as little as 
>I needed it, that I lost the notes on the problem. Looks like current 
>defaults do not allow this.

Wouldn't this attack be similar to using someone's web server as a proxy to get to other sites?  By default, apache doesn't permit itself to "proxy" this way.

A simple test would be to do something like this to your own web server, or one in question:

$ telnet ip.of.webserver 80

GET http://www.google.com HTTP/1.0

 If life gives you lemons, keep them-- because hey.. free lemons.
"~heart~ Sticker"  fixer:  http://microflush.org/stuff/stickers/heartFix.html