Mailinglist Archive: opensuse-security (757 mails)
| < Previous | Next > |
Re: [suse-security] spam - acting as a relay
- From: Hans-Martin Mosner <hmm@xxxxxxx>
- Date: Thu, 24 Jan 2002 15:16:37 +0100
- Message-id: <3C501745.5060208@xxxxxxx>
Delia Wakelin wrote:
> I have recently been informed that my machine is relaying spam.Need
> some help to identify the problem. I have had sendmail switched off
> on a suse 7.3 machine.
>
> here is the gist of the problem - my machine aaa.bbb.cc.dd.
>
> It seems they are using wwwrun - does that mean it is via php? Where
> and how should I block this
>
You have an open HTTP-Proxy at port 3128. Anybody can use the CONNECT method to build a TCP connection through it to any IP address. You need to disable that proxy or restrict access so that only local users may use it.
Cheers,
Hans-Martin
> I have recently been informed that my machine is relaying spam.Need
> some help to identify the problem. I have had sendmail switched off
> on a suse 7.3 machine.
>
> here is the gist of the problem - my machine aaa.bbb.cc.dd.
>
> It seems they are using wwwrun - does that mean it is via php? Where
> and how should I block this
>
You have an open HTTP-Proxy at port 3128. Anybody can use the CONNECT method to build a TCP connection through it to any IP address. You need to disable that proxy or restrict access so that only local users may use it.
Cheers,
Hans-Martin
| < Previous | Next > |