On 03/03/2013 05:46 PM, Joseph Spenner wrote: > On 03/03/2013 05:06 PM, Alexander Dalloz wrote: > >> Am 03.03.2013 22:49, schrieb Robert Moskowitz: >> >>> There was an attack, and if you search you will find references to it, >>> where the spammers post to your web server in such a way that they relay >>> out port 25. They send to your port 80, but you send out port 25. For >>> example: >>> >>> http://forums.fedoraforum.org/archive/index.php/t-173601.html >>> >>> My old server has been running smoothly for over two years, but it is >>> time to bring the software current. I did all the work on this back >>> then, or maybe before and copied from my earlier server. This time I am >>> trying to build everything clean and document every change I make. >> Such a misbehaviour would be caused by a misconfigured apache proxy setup. >> It is coming back now through a pair of dark glasses. Just haven't built >> a public web server is so long, as the old one just ran for as little as >> I needed it, that I lost the notes on the problem. Looks like current >> defaults do not allow this. > Wouldn't this attack be similar to using someone's web server as a proxy to get to other sites? By default, apache doesn't permit itself to "proxy" this way. Not anymore. Once upon a time, the internet was a nice place and so what if you proxied? But the dragons were always lurking there, ready to feed...