Yes, I agree. Someone nearby just directed me to http://online.securityfocus.com/bid/4131/discussion/ I'm guessing they are looking for any response from the mail server as an indication that my server is usable by them, but possibly the main motivation is indeed to get at microsoft's mail server. Thanks for your response. Ben On Wed, 2002-10-09 at 14:07, Seth Arnold wrote: ... > > 216.xx.xx.xx - - [09/Oct/2002:05:55:25 -0700] "CONNECT > > maila.microsoft.com:25 / HTTP/1.0" 400 370 "-" "-" .... > 216.xx.xx.xx is trying to use your apache as an http proxy (similar to > squid) to connect to a mailserver at microsoft in order to relay traffic > through you -- very similar to an open relay over smtp. The dsbl black > list tools provide different open relay scanners that check socks, http, > and formmail, as well as the most comprehensive smtp relay test I've > seen -- there are roughly 25 different smtp address formats used to try > to trick the remote server to relay. > > You can probably safely ignore this. :) -- -- Ben Barrett Software & Systems Engineer counterclaim Phone: 541.484.9235 Fax: 541.484.9193
This archive was generated by hypermail 2b30 : Wed Oct 09 2002 - 16:06:14 PDT