Bugtraq mailing list archives
Re: UPDATE: [wcolburn () nmt edu: SMTP relay through checkpoint firewall]
From: Jason Haar <Jason.Haar () trimble co nz>
Date: Thu, 21 Feb 2002 13:26:51 +1300
On Tue, Feb 19, 2002 at 02:19:50PM -0800, Steve VanDevender wrote:
> It's not just Checkpoint Firewall that has a problem with HTTP CONNECT. From what I can tell, default installations of the CacheFlow web proxy software, some Squid installations, some Apache installations with proxying enabled, and some other web proxy installations I haven't identified allow anyone to use the HTTP CONNECT method. This is being used more and more often to relay spam. This is a boon for spammers
The authors of Squid sorted that problem out YEARS ago. The default ACLs within Squid state:

    acl SSL_ports port 443 563
    # Deny CONNECT to other than SSL ports
    http_access deny CONNECT !SSL_ports

i.e. you can only use the CONNECT proxy option for ports 443 and 563.

I'm amazed this isn't the default in other products... This is a really old problem...

--
Cheers

Jason Haar
Information Security Manager
Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
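The port rule in the ACL quoted above can also be applied to proxy logs to check whether CONNECT requests to other ports were ever relayed. This is an added example, not part of the original post or of Squid: it assumes Squid's native access.log layout, and the function names and sample log lines are constructed for illustration.

```python
import re

# Added illustration: names and sample data are constructed, not from the post.
SSL_PORTS = {443, 563}  # the ports named in the Squid ACL quoted above

# Assumed input: Squid native access.log
# (time elapsed client action/status bytes method target ...)
LINE_RE = re.compile(
    r"^\d+\.\d+\s+-?\d+\s+(?P<client>\S+)\s+"
    r"(?P<action>[A-Z_]+)/(?P<status>\d{3})\s+\d+\s+"
    r"(?P<method>\S+)\s+(?P<target>\S+)"
)

def connect_port(target):
    """Port of a CONNECT target 'host:port'; None when missing or malformed."""
    host, sep, port = target.rpartition(":")
    if not sep or not host or not port.isdigit():
        return None
    return int(port)

def audit(lines, allowed_ports=SSL_PORTS):
    """Return (client, target, outcome) for CONNECTs outside allowed_ports."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "CONNECT":
            continue
        # A malformed target yields None, which is never allowed, so it is reported.
        if connect_port(m["target"]) in allowed_ports:
            continue
        relayed = m["status"] == "200" and "DENIED" not in m["action"]
        findings.append((m["client"], m["target"],
                         "RELAYED" if relayed else "blocked"))
    return findings

# Constructed sample log lines (documentation addresses and example domains).
SAMPLE_LOG = [
    "1014251211.101    812 192.0.2.10 TCP_MISS/200 4312 CONNECT shop.example.com:443 - DIRECT/198.51.100.7 -",
    "1014251215.440  30211 203.0.113.55 TCP_MISS/200 918 CONNECT mx.example.net:25 - DIRECT/198.51.100.25 -",
    "1014251219.007      2 203.0.113.55 TCP_DENIED/403 1045 CONNECT mx.example.org:25 - NONE/- text/html",
    "1014251220.530    120 192.0.2.11 TCP_MISS/200 10240 GET http://www.example.com/ - DIRECT/198.51.100.8 text/html",
    "1014251222.900    950 192.0.2.12 TCP_MISS/200 2210 CONNECT news.example.com:563 - DIRECT/198.51.100.9 -",
]

if __name__ == "__main__":
    for client, target, outcome in audit(SAMPLE_LOG):
        print(f"{outcome:8} {client} -> {target}")
```

A "RELAYED" row means the proxy completed a tunnel to a non-SSL port, which is the condition the ACL is meant to prevent; "blocked" rows show the rule doing its job.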