Hi Joe,
can this be fixed in squid. I mean what has port 80 got to do w email port
25?
Sorry for the newbie question.
thanks in advance,
-botp
> -----Original Message-----
> From: "Peņa, Botp" [mailto:botp@delmonte-phil.com]
> Sent: Monday, July 29, 2002 11:23 AM
> To: 'Joe Cooper'
> Cc: 'Doug Bagley'; postfix-users@postfix.org
> Subject: RE: my postfix box hacking?- FW: SMTP abuse at delmonte phil?
>
>
> Hi Joe,
>
> Good thing to hear fr a squid guru on the postfix list :-)
> Yes, you're right "-someone misconfigured it to make it an
> open proxy (i.e. you
> have an "http_access allow all" line in your squid.conf file)".
>
> But I've stop it though just to make everyone notice it (and
> learn a lesson)...
>
> Thanks for the help -botp
>
>
> > -----Original Message-----
> > From: Joe Cooper [mailto:joe@swelltech.com]
> > Sent: Monday, July 29, 2002 11:11 AM
> > To: "Peņa, Botp"
> > Cc: 'Doug Bagley'; postfix-users@postfix.org
> > Subject: Re: my postfix box hacking?- FW: SMTP abuse at
> delmonte phil?
> >
> >
> > It is unnecessary to stop Squid. Just close it to users
> > outside of your
> > network and reload. Using access controls in Squid is well
> > documented
> > in the FAQ, and Squid does not operate as an open proxy by
> > default--someone misconfigured it to make it an open proxy
> (i.e. you
> > have an "http_access allow all" line in your squid.conf file).
> >
> > Peņa, Botp wrote:
> > > Hi Doug,
> > >
> > > You've been very helpful.
> > > I will stop the squid now.
> > >
> > >
> > > Btw, isn't it that osirusoft will send us a warning mail before
> > > blocking us? (I'm note sure though but it would be very helpful).
> > >
> > > Many thanks again.
> > > -botp
> > >
> > >
> > > ps: btw 1) what is bh? Maybe you can share us some of
> your tools...,
> > > 2) I did not receive your mail. Guest we're really blocked on your
> > > side...
> > >
> > >
> > >
> > >>-----Original Message-----
> > >>From: Doug Bagley [mailto:doug+ml.postfix-users@bagley.org]
> > >>Sent: Monday, July 29, 2002 9:48 AM
> > >>To: postfix-users@postfix.org
> > >>Cc: Peņa, Botp
> > >>Subject: Re: my postfix box hacking?- FW: SMTP abuse at
> > delmonte phil?
> > >>
> > >>
> > >>"Peņa, Botp" <botp@delmonte-phil.com> writes:
> > >>
> > >>>How could I prove that his claim is true (or false).
> > >>
> > >>(I previously replied to Mr. Peņa privately, but maybe
> others would
> > >>like to know that the problem is not postfix).
> > >>
> > >>It definately looks like the problem is an open Squid
> proxy running
> > >>on the host that contacted the complainant:
> > >>
> > >>
> > >>>bh 202.57.100.26
> > >>
> > >> relays.osirusoft.com: BLOCKED: (2002/07/12) Open
> > >>Proxy: http(80)
> > >> socks.relays.osirusoft.com: BLOCKED: (2002/07/12) Open
> > >>Proxy: http(80)
> > >> proxies.relays.monkeys.com: BLOCKED: IP address
> > >>[202.57.100.26] BLOCKED: See
> > >>http://www.monkeys.com/anti-> spam/filtering/proxies.html
> > >>
> > >>
> > >>ztl.dorkslayers.com: BLOCKED: 202.57.100.26 is listed by
> > >>ztl.dorkslayers.com
> > >> bl.spamcop.net: BLOCKED: see
> > >
> > > http://spamcop.net/bl.shtml?202.57.100.26
> > > dnsbl.njabl.org: BLOCKED: spam source --
> > 1025543451
> > >
> > > I suggest first turning off Squid, then changing your IP
> address to
> > > get out of the blackholes :-)
> > >
> > > cheers,
> > > doug
> >
> >
> >
> > --
> > Joe Cooper <joe@swelltech.com>
> > Web caching appliances and support.
> > http://www.swelltech.com
> >
> > -
> > To unsubscribe, send mail to majordomo@postfix.org with
> > content (not subject): unsubscribe postfix-users
> >
> -
> To unsubscribe, send mail to majordomo@postfix.org with
> content (not subject): unsubscribe postfix-users
>
Received on Sun Jul 28 2002 - 21:59:02 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:09:23 MST