[Gllug] spews blacklist/squid

Doug Winter doug at pigeonhold.com
Mon Jun 2 20:32:10 UTC 2003


On Mon 02 Jun Ashley Evans wrote:
> Could somebody point me to an explaination of how a proxy can be used in this 
> way. Of course I don't want to spam but I am interested in how this works and 
> can be defended against/tracked. I am running squid atm but it's firewalled 
> against all incomming trafic not on the local subnet.

[doug at brie doug]$ telnet localhost 3128
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
CONNECT 217.204.76.170:25 HTTP/1.0

HTTP/1.0 200 Connection established

220 stilton.pencil.net ESMTP Exim 3.35 #1 Mon, 02 Jun 2003 21:29:50 +0100
MAIL FROM: <doug at pigeonhold.com>
250 <doug at pigeonhold.com> is syntactically correct
RCPT TO: <doug at pigeonhold.com>
250 <doug at pigeonhold.com> verified
DATA
354 Enter message, ending with "." on a line by itself
Subject: w00t!  I am teh evil hax0r!

This is only a test.

.
250 OK id=19MvwW-0005Hr-00
QUIT
221 stilton.pencil.net closing connection
Connection closed by foreign host.

In the above example, 217.204.76.170 is in fact a receiving MTA for
pigeonhold.com.  However, it could easily have been a machine on the
same network as the proxy, that will relay mail from the proxy host.

doug.

-- 
As soon as questions of will or decision or reason or choice of action
arise, human science is at a loss. -- Noam Chomsky

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: not available
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20030602/576891dd/attachment.pgp>


More information about the GLLUG mailing list