Fedora Users — Using http as mail spam engine

Using http as mail spam engine

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

Subject: Using http as mail spam engine

From: "Ashley M. Kirchner" <ashley@xxxxxxxxxx>

Date: Mon, 05 Nov 2007 13:07:13 -0700

Reply-to: For users of Fedora <fedora-list@xxxxxxxxxx>

User-agent: Thunderbird 2.0.0.6 (Windows/20070728)


   I noticed these entries in my apache log today:

60.250.66.175 - - [01/Nov/2007:04:41:01 -0600] "CONNECT218.32.192.11:25 HTTP/1.0" 200 12439 "-" "-"60.250.66.175 - - [01/Nov/2007:04:41:04 -0600] "CONNECT61.31.198.50:25 HTTP/1.0" 200 12439 "-" "-"60.250.66.175 - - [01/Nov/2007:04:43:28 -0600] "CONNECT60.249.125.71:25 HTTP/1.0" 200 12439 "-" "-"159.148.97.91 - - [02/Nov/2007:22:01:40 -0600] "CONNECT195.175.37.70:8080 HTTP/1.0" 200 14301 "-" "-"159.148.97.91 - - [02/Nov/2007:22:01:41 -0600] "CONNECT159.148.96.222:80 HTTP/1.0" 200 14301 "-" "-"

And while the first two are specifically targeting port 25, theother two aren't But more importantly, how is this being done, and howdo I stop it? Did I forgot to disable something within Apache somewhere?