You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Ivan Ristic <iv...@webkreator.com> on 2003/08/28 11:58:34 UTC

Re: [apache-modules] Spam Using SMTP "Over" HTTP-Proxy

Eli Marmor wrote:
> Hi,
> 
> ...
> 
> It is VERY easy for mod_proxy of Apache to recognize such sessions and
> block them. Before I'm starting such a project, I'd like to know:
> 
> 1. Is there any existing code and/or module that implements this?
> 2. Is there any plan to add this to Apache / mod_proxy?  My plan will
>    take a long time...
> 3. Is there anything that can be learned from other proxies (e.g Squid)
>    regarding this issue?
> 4. Can anybody add anything to the details that I wrote or has anything
>    else to contribute to the effort?

   Well, of the top of my head, you can stop this spam with mod_security
   and this line (just a crude filter, there are probably other better
   and more effective ways to do it):

   SecFilterSelective REQUEST_URI ":25"

   But I would say that it would be better to change mod_proxy to block
   such requests by default. People who are likely to install and
   use mod_security are unlikely to have their proxies widely open like
   this.

-- 
ModSecurity (http://www.modsecurity.org)
[ Open source IDS for Web applications ]