LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page mod_proxy and email connections?
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-22-2005, 12:37 PM   #1
rioguia
Member
 
Registered: Jun 2002
Posts: 411

Rep: Reputation: 30
mod_proxy and email connections?

Can someone point me in the right direction to answer some questions about my Fedora Core 4 server with Apache and Postfix. I have seen a big spike in my catch-all mailbox of rejected emails, apparently sent by some spanner pretending to be a mail server on my domain.

Additionally, I have seen attempts to connect to mod_proxy (which I have not enabled and understand is disabled by default in Apache 2.0). Specificially, my logs show:
Connection attempts using mod_proxy:
61.224.69.52 -> smtp.rol.ru:25: 1 Time(s)

and this notation:
Unrecognized warning:
p10040-ipbffx02hodogaya.kanagawa.ocn.ne.jp[60.39.233.40] sent non-SMTP command:
POST / HTTP/1.0 : 1 Time

The email that bounces has an attachment about discount software and its headers look like the following:
Quote:
Return-Path: <>
X-Original-To: JuliaSheets@fill_in_my_domain_here.com
Delivered-To: my_address@fill_in_my_domain_here
Received: from smtp1.abanet.org (smtp1.abanet.org [208.49.131.60])
by testy.fill_in_my_domain_here.com (Postfix) with ESMTP id 4A7411280EA
for <JuliaSheets@fill_in_my_domain_here.com>; Wed, 21 Dec 2005 16:40:12 -0500 (EST)
Received: from localhost (localhost)
by smtp1.abanet.org id jBLLemJb010459;
Wed, 21 Dec 2005 15:40:48 -0600 (CST)
Date: Wed, 21 Dec 2005 15:40:48 -0600 (CST)
From: Mail Delivery Subsystem <MAILER-DAEMON@smtp1.abanet.org>
Message-Id: <200512212140.jBLLemJb010459@smtp1.abanet.org>
To: <JuliaSheets@fill_in_my_domain_here.com>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="jBLLemJb010459.1135201248/smtp1.abanet.org"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
Status: RO
X-UID: 50261
Content-Length: 24108
X-Keywords:
Last edited by rioguia; 12-22-2005 at 12:40 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
connection attempt mod_proxy mnauta Linux - Security 12 02-02-2006 10:38 PM
Apache mod_proxy Proxy Pass dancarl Linux - Software 0 08-15-2005 11:10 AM
mod_proxy slow , how to improve performance tclwp Linux - Networking 2 03-24-2005 12:36 AM
Webmin Through Apache using mod_proxy... ech310n Linux - General 0 01-28-2004 04:12 PM
apache2 mod_proxy - swiki bkeating Linux - Software 0 10-28-2003 04:58 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:33 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration