Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] spam - acting as a relay
  • From: Hans-Martin Mosner <hmm@xxxxxxx>
  • Date: Thu, 24 Jan 2002 15:16:37 +0100
  • Message-id: <3C501745.5060208@xxxxxxx>
Delia Wakelin wrote:

> I have recently been informed that my machine is relaying spam.Need
> some help to identify the problem. I have had sendmail switched off
> on a suse 7.3 machine.
>
> here is the gist of the problem - my machine aaa.bbb.cc.dd.
>
> It seems they are using wwwrun - does that mean it is via php? Where
> and how should I block this
>
You have an open HTTP-Proxy at port 3128. Anybody can use the CONNECT method to build a TCP connection through it to any IP address. You need to disable that proxy or restrict access so that only local users may use it.

Cheers,
Hans-Martin


< Previous Next >
References