Because Squid does not interpret what's sent via the CONNECT verb. So
you could do
CONNECT mail.example.com:25\r\n\r\n
then do some nasty sendmail hack.
The above would allow you to bypass any outgoing firewall rules, so by
default it is prevented.
Ian Redfern (redferni@logica.com).
----------
From: Pim Zandbergen
To: squid-users@nlanr.net
Subject: allow HTTPS on non-standard ports, dangerous ?
Date: 21 January 1998 1:44pm
The sample configuration file that comes with the Squid caching proxy
server disallows HTTPS (method connect) on non-standard ports (443 &
563).
What's the idea? How dangerous would it be to allow random ports with
HTTPS?
--
E-mail : Pim Zandbergen <pim@cti.nl>
S-mail : Laan Copes van Cattenburch 70, 2585 GD The Hague, The
Netherlands
Phone : +31 70 3067373
Fax : +31 70 3067374
Received on Wed Jan 21 1998 - 06:19:19 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:28 MST