Knute Johnson schrieb: > --------------------- httpd Begin ------------------------ > > Connection attempts using mod_proxy: > 220.132.60.97 -> msa.hinet.net:25: 1 Time(s) > > Above is a piece of my logwatch email today. What is msa.hinet.net > actually trying to do here? Proxying is not enabled on my httpd > server but the modules are loaded. I tried commenting out the > loading but httpd wouldn't start then. > > Thanks, Not msa.hinet.net tried to misuse your apache but 220.132.60.97. From the host with that IP someone tried CONNECT msa.hinet.net:25 when talking with your apache server and checking the answer. If that would have been successful because of receiving the greeting by the mail server a storm of spam sending through your apache acting as an open proxy would have followed. Alexander
