On Tue, Oct 25, 2005 at 09:36:56PM +0100, [EMAIL PROTECTED] wrote: > Hi > > I am running transparent squid server on Redhat ES 3.0 box. I noticed > some time some of my users establish http connection with some server on > internet and send spam mail. Header of that mail always contain squid > server IP address. Is there any way I can insert customer's PC ip > address also which is actually sending that mail?
You must have a rule which allows squid to connect to port 25 that you should disable. I believe this sort of spamming uses the CONNECT method. The default squid configuration prevents this already with: acl SSL_ports port 443 acl CONNECT method CONNECT http_access deny CONNECT !SSL_ports and acl Safe_ports port 80 # http acl Safe_ports port 443 # https acl Safe_ports port 21 # ftp http_access deny !Safe_ports --- Chris Covington IT Plus One Health Management 75 Maiden Lane Suite 801 NY, NY 10038 646-312-6269 http://www.plusoneactive.com
