On 03/03/2013 04:37 PM, John R Pierce wrote: > On 3/3/2013 1:30 PM, Robert Moskowitz wrote: >> Seems I recall that last when I set up my apache server, the spammers >> were posting to it so it would send out the spam on port 25. There was >> some conf that I did to block this, but I did not document it, and I >> can't find any reference to this. > > a webserver can't send email unless you've got email cgi or forms on/in > your webpages This is probably such an old attack, that 'modern' apache builds block it by default. It had nothing to do with email cgi or forms.