DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20597>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20597

mod_proxy opens mail relay

           Summary: mod_proxy opens mail relay
           Product: Apache httpd-1.3
           Version: 1.3.26
          Platform: PC
        OS/Version: Other
            Status: NEW
          Severity: Major
          Priority: Other
         Component: mod_proxy
        AssignedTo: [email protected]
        ReportedBy: [EMAIL PROTECTED]

When set to "Allow From All" (which is quite careless, I might add) mod_proxy allows spammers to use a request like

    POST http://www.mydomain.com:25/ HTTP/1.1

or

    CONNECT smtp.mail.yahoo.com:25 HTTP/1.0

to connect to the local MTA (e.g. sendmail) running on the webserver. This makes any Apache with the config mentioned above a very nice target for spammers.

cf. discussion @ http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=patpro.pouet-47B38A.10003106062003%40news.wanadoo.fr&rnum=1&prev=/groups%3Fhl%3Den%26lr%3D%26ie%3DISO-8859-1%26q%3D3EDFCB3A.8000709%2540NO.nf.sympatico.ca.SPAM%26btnG%3DGoogle%2BSearch

These attacks seem to come from Asia and the US; I witnessed some more or less successful attacks in the last two days.

You may want to declare this security relevant.
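For administrators checking whether a server has been probed this way, the following Python script is an added example (not part of the bug report and not Apache code) that scans access-log lines in Common Log Format for the two request shapes quoted in the report: an absolute-URI request or a CONNECT whose target is a mail port. The log lines, client addresses and the `MAIL_PORTS` set are constructed assumptions; the two target hosts are the ones quoted in the report.

```python
import re
from urllib.parse import urlsplit

# Common Log Format: client ... "METHOD target HTTP/x.y" status
REQ_RE = re.compile(r'^(\S+) .*?"([A-Z]+) (\S+) HTTP/[\d.]+" (\d{3})')
MAIL_PORTS = {25, 465, 587}  # assumption: SMTP and submission ports to watch

# Constructed sample log lines (documentation address ranges, invented timestamps)
SAMPLE_LOG = """\
192.0.2.10 - - [10/Jun/2003:10:00:01 +0200] "POST http://www.mydomain.com:25/ HTTP/1.1" 200 512
192.0.2.11 - - [10/Jun/2003:10:00:05 +0200] "CONNECT smtp.mail.yahoo.com:25 HTTP/1.0" 403 289
198.51.100.7 - - [10/Jun/2003:10:00:09 +0200] "GET /index.html HTTP/1.0" 200 1043
198.51.100.8 - - [10/Jun/2003:10:00:12 +0200] "GET http://www.example.org/ HTTP/1.0" 200 2301
"""

def proxied_target(method, target):
    """Return (host, port) if the request line is a forward-proxy request, else None."""
    if method == "CONNECT":                  # authority form: host:port
        host, _, port = target.rpartition(":")
        return (host, int(port)) if host and port.isdigit() else None
    if "://" in target:                      # absolute-URI form: http://host:port/
        parts = urlsplit(target)
        try:
            port = parts.port                # raises ValueError on a malformed port
        except ValueError:
            return None
        return (parts.hostname, port or 80) if parts.hostname else None
    return None                              # origin form (/path): served locally

def find_relay_attempts(lines):
    """Return (client, method, host, port, status) for proxy requests to mail ports."""
    hits = []
    for line in lines:
        m = REQ_RE.match(line)
        if not m:
            continue
        client, method, target, status = m.groups()
        dest = proxied_target(method, target)
        if dest and dest[1] in MAIL_PORTS:
            hits.append((client, method, dest[0], dest[1], int(status)))
    return hits

if __name__ == "__main__":
    for hit in find_relay_attempts(SAMPLE_LOG.splitlines()):
        print(hit)
```

The status field is returned so that requests the proxy refused (403) can be separated from those that need a closer look.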
