List:       wikipedia-l
Subject:    [Wikipedia-l] Re: Info on SORBS, blocking of open proxies
From:       Tim Starling <t.starling () physics ! unimelb ! edu ! au>
Date:       2005-03-30 16:02:38
Message-ID: d2eigt$2lv$1 () sea ! gmane ! org

Tony Sidaway wrote:
> The FAQ URL that someone cited seems to demonstrate a technique that can
> be used by a spammer to use an open http proxy to get trusted access to an
> email server on the same system, bypassing the relay rules and
> compromising the mail server.  This is pretty serious stuff.  Web proxies
> *should not* be open.

Right, the CONNECT method. Here's a session showing me connecting to
mail.wikipedia.org via Walter von Kalken's proxy:

[1553][tstarling@zwinger:~]$ telnet 203.144.143.6 80
Trying 203.144.143.6...
Connected to 203.144.143.6.
Escape character is '^]'.
CONNECT mail.wikipedia.org:25 HTTP/1.0

HTTP/1.1 200 Connection established
Proxy-agent: BlueCoat-Security-Appliance

220 mail.wikimedia.org ESMTP Postfix

(end quote)

At this point I could have sent a couple of thousand spam messages and
vanished into the night. This is the reason SORBS, who work on
preventing email spam, and Blitzed, who work on preventing IRC spam,
both list HTTP proxies. Note that we're not blocking other kinds of spam
relay; SORBS gives a means to distinguish between the various types.

Although at the moment, we're not effectively blocking anything at all;
see my foundation-l post on this subject.

-- Tim Starling
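
Added example, not part of the original message and not any proxy product's own code: the policy check a proxy has to apply to a CONNECT request line like the one in the session above before it opens a tunnel. The trusted client network, the allowed port set and the sample client addresses are assumptions chosen for illustration.

```python
import ipaddress
import re

# Assumed policy for illustration: values are not from the original post.
TRUSTED_CLIENTS = [ipaddress.ip_network("10.0.0.0/8")]  # networks allowed to use the proxy
ALLOWED_CONNECT_PORTS = {443}                           # tunnels only for HTTPS

# CONNECT target is "host:port"; host may be a name, IPv4, or bracketed IPv6.
_CONNECT = re.compile(
    r"^CONNECT\s+(\[[0-9A-Fa-f:.]+\]|[^\s:\[\]]+):(\d{1,5})\s+HTTP/\d\.\d$"
)

def connect_violations(request_line, client_ip):
    """Return the policy violations for one CONNECT request (empty list = allow)."""
    m = _CONNECT.match(request_line.strip())
    if not m:
        return ["malformed CONNECT request"]
    port = int(m.group(2))
    problems = []
    if not 1 <= port <= 65535:
        problems.append("port out of range")
    elif port not in ALLOWED_CONNECT_PORTS:
        problems.append(f"CONNECT to port {port} not permitted")
    client = ipaddress.ip_address(client_ip)
    if not any(client in net for net in TRUSTED_CLIENTS):
        problems.append("client outside trusted networks")
    return problems

# Constructed samples; the first request line is the one from the session above.
SAMPLES = [
    ("198.51.100.7", "CONNECT mail.wikipedia.org:25 HTTP/1.0"),
    ("10.1.2.3", "CONNECT irc.example.net:6667 HTTP/1.0"),
    ("10.1.2.3", "CONNECT www.example.org:443 HTTP/1.1"),
    ("10.1.2.3", "CONNECT www.example.org HTTP/1.1"),
]

if __name__ == "__main__":
    for client, line in SAMPLES:
        problems = connect_violations(line, client)
        verdict = "DENY (" + "; ".join(problems) + ")" if problems else "ALLOW"
        print(f"{client:15} {line:45} {verdict}")
```

The request from the session fails both checks: the client is outside the trusted networks, and port 25 is not an allowed tunnel destination.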
