httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: Spam Using SMTP "Over" HTTP-Proxy
Date Thu, 28 Aug 2003 13:19:19 GMT

On Thu, 28 Aug 2003, Eli Marmor wrote:
> According to research companies, most of the current spamming is done
> using HTTP proxies.

I find that hard to believe.  I believe a substantial amount of spam comes
this way, but "most" seems unlikely.

> 1. Is there any existing code and/or module that implements this?

ProxyBlock :25
would probably do it.  But I still haven't tested this, since I don't use
the proxy myself.

But as Cliff said, "ProxyRequests Off" is the real fix.  I spent a few
hours doing a substantial rewrite of the proxy documentation to try to
clarify this issue (not with respect to SMTP, but with respect to open
proxies in general).

I think we've done pretty-much all we can.  I wouldn't mind putting a
little note on the httpd.apache.org homepage saying "Have you secured your
proxy?" and point to the correct docs.

Joshua.

Mime
View raw message