[Techtalk] Apache, abuse and nonexistent domains.
Michelle Konzack
linux.mailinglists at freenet.de
Wed Dec 18 02:57:09 EST 2002
Hallo Therese,
Am 01:41 2002-12-17 -0800 hat Therese Gustafsson geschrieben:
>
>Hi everyone.
>
>Lately I have a lot of logentries in my Apache access_log like this:
>208.3.113.49 - - [17/Dec/2002:04:34:42 +0100] "CONNECT
>203.190.194.95:25 HTTP/1.1" 400 379 "-" "-"
Port 25 is smtp !!!
Ther is someon, which like to use your Web-Server as OPEN
SMTP-RELAY...
Somtimes you find misconfigured Webservers which use a MUA
for sending error-messages. and if the Admin forget to deny
relaying, the Webserver can be used to spamm...
If you have a MUA installed on the web server, please check
the config !!!
IF not, disable the smtp service.
Michelle
More information about the Techtalk
mailing list