[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] HTTP request with SMTP message

To: Tiago Halm <thalm@netcabo.pt>
Subject: Re: [Full-Disclosure] HTTP request with SMTP message
From: Valdis.Kletnieks@vt.edu
Date: Mon, 24 Nov 2003 13:07:01 -0500

On Mon, 24 Nov 2003 16:25:30 GMT, Tiago Halm <thalm@netcabo.pt>  said:
> My IIS (port 80) received this HTTP request from x.x.x.x.
> 
> Any thoughts ?

> POST http://x.x.x.x:25/ HTTP/1.1

Somebody's probing to see if you're an open proxy to send spam through.
Chances are that a site that's got a open-proxy webserver (older Squid
releases had particular issues there), that they don't keep good logs and
the spammer can send a whole bunch of spam through without leaving much
of a useful trail....

Attachment: pgp00094.pgp
Description: PGP signature

References:
- [Full-Disclosure] HTTP request with SMTP message
  - From: "Tiago Halm" <thalm@netcabo.pt>

Prev by Date: Re: [Full-Disclosure] HTTP request with SMTP message
Next by Date: Re: [Full-Disclosure] HTTP request with SMTP message
Previous by thread: Re: [Full-Disclosure] HTTP request with SMTP message
Next by thread: Re: [Full-Disclosure] HTTP request with SMTP message
Index(es):
- Date
- Thread