On Tue, Oct 25, 2005 at 09:36:56PM +0100, lokesh.khanna@accelonafrica.com wrote:
> Hi
>
> I am running transparent squid server on Redhat ES 3.0 box. I noticed
> some time some of my users establish http connection with some server on
> internet and send spam mail. Header of that mail always contain squid
> server IP address. Is there any way I can insert customer's PC ip
> address also which is actually sending that mail?
You must have a rule which allows squid to connect to port 25
that you should disable.
I believe this sort of spamming uses the CONNECT method. The
default squid configuration prevents this already with:
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
and
acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
acl Safe_ports port 21 # ftp
http_access deny !Safe_ports
--- Chris Covington IT Plus One Health Management 75 Maiden Lane Suite 801 NY, NY 10038 646-312-6269 http://www.plusoneactive.comReceived on Tue Oct 25 2005 - 15:00:10 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Nov 01 2005 - 12:00:05 MST