RE: [squid-users] Strange traffice to port 25?

Apparently if your Squid is mis-configured it can be possible to use it for relaying spam. I forget the specifics but its within the FAQ's somewhere. Of course yours appears to be preventing it ;)

-----Original Message-----
From: Bill Moran [mailto:wmoran@potentialtech.com]
Sent: Tue 3/23/2004 3:04 PM
To: squid-users@squid-cache.org
Subject: [squid-users] Strange traffice to port 25?
 
I'm trying to finalize the setup of a new squid cache acting as a transparent
proxy. As we finish up testing and tweak the config, I'm suddenly finding a
lot of traffic getting TCP_DENIED to (what looks like) port 25.

Unfortunatly, I don't have full access to the entire network in question, so
I can't be 100% sure that there isn't a router somewhere else that's
misconfigured, but I wanted to check in to see if maybe there's some squid-
related explanation for this traffic.

Has anyone seen this before? Am I right in my thinking that SMTP traffic
is (for some reason) trying to go through squid? Is there some other
explanation than saying a router somewhere is redirecting incorrectly?

The funny thing about the whole situation is that mail is working fine in
spite of it. You'd think people would be having trouble with email.

Here's an example log entry:
1080054163.917 3 <ip munged> TCP_DENIED/403 1346 CONNECT <ip munged>:25 - NONE/- text/html

The ":25" means that's the destination port, correct?

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com
This message is confidential. You should not copy it or disclose its contents to anyone. You may use and apply the information only for the intended purpose. Internet communications are not secure and therefore Noel-Baker Community School does not accept legal responsibility for the contents of this message. Any views or opinions presented are only those of the author and not those of Noel-Baker Community School. If this email has come to you in error please delete it and any attachments. Please note that Noel-Baker Community School may intercept incoming and outgoing e-mail communications.