Re: open proxy

From: Devdas Bhagat (dvb@users.sourceforge.net)
Date: 04/01/03

  • Next message: Jose Celestino: "Re: Email Encryption Between Servers"
    Date: Tue, 1 Apr 2003 16:02:29 +0530
    From: Devdas Bhagat <dvb@users.sourceforge.net>
    To: security-basics@securityfocus.com
    
    

    On 30/03/03 12:31 +0200, Joost Ernest wrote:
    > I have a question regarding to "open proxy". We are using Domino server
    > as our mail server in a w2k server environment. A week ago we started to
    > receive a-mail from a Dutch ISP dat our mailserver has been listed in an
    > Open Proxy Database. As a result of this we can't send e-mail at all...
    You have an open proxy on your network. Possibly ISA? Have the proxy
    accept requests *only* from your ip block.
    With squid (http://www.squid-cache.org), I would do:
    acl mylan src 192.168.1.0/24 #This is the netblock for my local LAN
    http_access allow mylan #Permit my LAN users to use squid
    http_access deny all #Deny everyone

    > I have started to block some ports explicitly (135, 139, 443, 1080,
    > etc..) I also read some articles about this subject in which was written
    First rule of firewalling:
    Block everything,
    Open as needed.

    > that i should use Authentication for every user that wants tos end
    > E-mail. I know how to configure this in Exchange but i don't know how i
    > can arrange this with Domino server.
    You need to authenticate on the basis of IP addresses, or username
    password pairs.

    http://www.google.com/search?q=smtp+auth+domino

    HTH
    Devdas Bhagat

    -------------------------------------------------------------------
    SurfControl E-mail Filter puts the brakes on spam,
    viruses and malicious code. Safeguard your business
    critical communications. Download a free 30-day trial:
    http://www.securityfocus.com/SurfControl-security-basics


  • Next message: Jose Celestino: "Re: Email Encryption Between Servers"

    Relevant Pages

    • Re: Relay for spam?
      ... Now my ISP is complaining about being a relaay for spam. ... a SMTP mail sever set up as an open relay. ... A proxy server usually is set up so that people on the internal IP ... An open proxy allows ...
      (Ubuntu)
    • Re: There needs to be an international policy
      ... No e-mail server is going to benefit from an e-mail. ... > There is no open SMTP server in those headers, just an open proxy, according ...
      (microsoft.public.security)
    • Re: There needs to be an international policy
      ... George Hester ... No e-mail server is going to benefit from an e-mail. ... >>> The open proxy is the relaying agent, connecting to my ISP's MX server. ... >>> a UUNet connected computer controlling the Charter customer's open proxy as ...
      (microsoft.public.security)
    • Re: Black listed as open Proxy
      ... Try to verify if you are relaying. ... > I have an Echange 2000 server that has been black listed. ... > was an open proxy by one and a SOCKS Proxy by another. ... > enabled in your mail server, ...
      (microsoft.public.exchange2000.admin)
    • Re: Printing Problems (2nd request)
      ... lpstat: Unable to connect to server: Connection refused ... # Encryption: whether or not to use encryption; ... got two printers connected, both of which used to work fine. ... Deny From All ...
      (Fedora)