On Saturday 27 September 2003 07:24, [EMAIL PROTECTED] wrote: > Apache mod_proxy (he wasn't aware of that, I found the evidance > in my apache logs), which was used by spammers to "bounce" > SMTP over HTTP proxy (anyone know the exact HTTP stream they > might have used for that?)
There are two ways to do that: 1. use HTTP CONNECT to open a tunnel to the SMTP server and talk with it normally. as most servers today limit or disable CONNECT support entirely, this is not always feasable (but spammers try it anyway). if that doesn't work: 2. use HTTP POST to send a buffer containing a prepared client side part of an SMTP session, anticipating the responses of the server (not really hard, as basicly an SMTP server simply says "ok","ok","ok" or else it doesn't matter much what it says). The only problem with this is the HTTP headers sent, but the SMTP server just ignores them. -- Oded ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
