On Mon, 2003-11-24 at 17:25, Tiago Halm wrote: > It's not the first time, but I gave up trying to figure it out. > My IIS (port 80) received this HTTP request from x.x.x.x. > > Any thoughts ?
Yes: somebody is trying to see if your webserver has proxy-mode enabled and is trying to use this feature to relay spam. Cordialement, > ---------------------------------------------------------------------------- > ---------- > POST http://x.x.x.x:25/ HTTP/1.1 > Content-type: application/octet-stream > Content-length: 540 > Host: x.x.x.x > > HELO ps.com > MAIL FROM:<[EMAIL PROTECTED]> > RCPT TO: <[EMAIL PROTECTED]> > DATA > Message-ID: > <[EMAIL PROTECTED]> [snip] -- Vincent RENARDIAS http://www.renardias.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
