30 Jan 23:45
Re: How do I block mail attempts?
From: Ivan Ristic <ivanr <at> webkreator.com>
Subject: Re: How do I block mail attempts?
Newsgroups: gmane.comp.apache.mod-security.user
Date: 2005-01-30 22:45:00 GMT
Subject: Re: How do I block mail attempts?
Newsgroups: gmane.comp.apache.mod-security.user
Date: 2005-01-30 22:45:00 GMT
> I am talking about HTTP POST/PUT relaying, which can be exploited
> by encoding SMTP requests into HTTP POST data (or a PUT request
> in the same format). Example:
I am guessing you have a reason for running a proxy on
that web server?
Try this (Apache 2.x syntax):
<Proxy *>
RewriteEngine On
# Do not allow proxy requests to target port 25 (SMTP)
RewriteRule "^proxy:[a-z]*://[^/]*:25(/|$)" "-" [F,NC,L]
</Proxy>
It is probably possible to do something with mod_security too
but I don't have time at the moment to verify it. On the other
hand I know the solution above works
--
--
Ivan Ristic (http://www.modsecurity.org)
-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
RSS Feed