Re: [squid-users] Re: Open & abused proxy list(s); appeal for instructions on how to close problems

From: Squid Support (Henrik Nordstrom) <[email protected]>
Date: Wed, 20 Feb 2002 22:29:22 +0100

On Wednesday 20 February 2002 19:04, Allen Smith wrote:

> Ah. I just got an email from someone claiming that Squid could not
> be abused to send spam; you'll be getting a copy of my response.

Squid can very easily be abused to send spam unless one has the
proper safetyguards installed in squid.conf.

The Squid configuration as shipped with Squid has several rules to
prevent spamming and similar abuse of the proxy. These rules very
effectively stops this kind of abuse.

If the administrator for one reason or another selects to not have
these rules installed he is shooting himself in the foot in many ways:

  a) The service will quicly be abused by email spammers

  b) Abused by foreign users needing an open proxy to bypass various
laws or restrictions.

  c) Abused by hackers as a jump-gate to attack others systems,
leaving the heat at the proxy administrator or his company.

  d) And a whole set of similar abuses

In fact, the spam relaying is probably one of the least important
problem, but perhaps the most visible to others as a single spammer
tends to reach a rather wide audience..

Regards
Henrik Nordstr�m
Squid Developer

-- 
MARA Systems AB, Giving you basic free Squid support
Customized solutions, packaged solutions and priority support
available on request
Received on Wed Feb 20 2002 - 14:53:52 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:29 MST