From: Sancar Saran (saran@sim.com.tr)
Date: Sat 12 Jul 2003 - 09:39:42 EEST
On Friday 11 July 2003 22:46, you wrote:
> selamlar,
>
> smtpblock adinda bir proje varmis.
> http://www.angmar.com/smtpblock/project.html
> maillog u inceleyip relay e acik posta sunuculari ayni zamanda
> prxytest adinda bir script le (http://www.unicom.com/sw/pxytest/)
> open-proxy leri test edip yasakliyor.Daha dogrusu benim okuduklarimdan
> anladigim bu.
> Bir deneyip gormek lazim.
> yahoo da boyle bi sistem kullaniyor. open-proxy niz varsa kisa bir
> sure icinde yahoo tesbit edip blokluyor sizi.
> karsilasabilecekler icin
> (http://help.yahoo.com/help/us/mail/defer/defer-02.html)
>
> saygilar sevgiler
>
> Halil Helvacioglu wrote:
> >Bu olay sahsen benim basima geldi.. Spammerlar sonucta kendi mail server
> >larini kullaniyolar spam gondermek icin, ama SPAM ler sizin IP
> > adresinizden gidiyormus gibi gozukuyor. AOL den ve bir kac ISP den
> > telefon geldi SPAM gonderiyorsunuz falan diye, sendmail loglarina baktim
> > hicbirseye
> >rastlamadim, sonra squid loglarinla gordum http://xxxxx:25 diye binlerce
> > log vardi.
> >
> >
> >Bu sitede bu konu ile ilgili bilgi bulabilirsiniz..
> >
Zor block ederler zooor, adamlar duzinelerce c block var, rotate ettirip
gonderiyorlar, iki ay icinde de c bloklari degistiriyorlar, Ripe tan
bakiyorsun blogun sahibi belli degil.
> >http://news.spamcop.net/cgi-bin/fom?_recurse=1&file=75#file_183
> >
> > HTTP Proxies (Cisco and Squid)
> > Spammers have been hijacking HTTP proxy servers to send their spam
> >out, usually pointing the finger at the server IP, hiding their IP address
> >from being reported.
> > Cisco cache engines
> >
> > Turn off http proxy service with the "no http proxy incoming"
> > command in global config mode. This will prevent all users from
> > arbitrarily using the cache engine as their HTTP proxy server.
> >
> > Squid proxies
> > More and more often, spammers are transferring spam via Squid
> > proxies. This allows them to hide their tracks entirely, so only the host
> > of the proxy will be reveald in the spam headers.
> >
> > The fix:
> > squid.conf should read:
> > http_access deny !Safe_ports
> > http_access deny CONNECT !SSL_ports
> > http_access deny all
> >
> >
> >
> >
> >
> >Halil Helvacioglu
> >
> >----- Original Message -----
>
> From: "Sancar Saran" <saran@sim.com.tr>
>
> >To: <linux-guvenlik@liste.linux.org.tr>
> >Sent: Friday, July 11, 2003 9:18 AM
> >Subject: [linux-guvenlik] Re: Proxy ve SPAM
> >
> >>On Friday 11 July 2003 18:55, you wrote:
> >>>Selamlar...
> >>>
> >>>Benim soyledigim, relay mekanizmasi degil. Proxy server (squid)
> >
> >uzerinden
> >
> >>>baglanarak yapilan spam..
> >>>
> >>>Saygi ve sevgiler..
> >>
> >>???
> >>
> >>Nasil olacak simdi o?
> >>
> >>Sancar