Email
sendmail 日誌中的“可能的開放代理:command=POST”到底是什麼意思?
我在我的 sendmail 日誌中註意到以下內容:
May 11 11:11:16 foobox sendmail[21111]: uADEFHG21111: [1.1.1.1]: probable open proxy: command=POST http://foo2.example.com May 11 11:11:16 foobox sendmail[21111]: uADEFHG21111: [1.1.1.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
(IP、QID 和日期已更改以保護無辜者 :-))
這裡還有幾個錯誤:
May 11 12:12:12 foobox sendmail[22222]: u4BACDCDC22222: [1.1.1.1]: probable open proxy: command=GET http://example2.domain.com/foo2/ May 11 12:12:12 foobox sendmail[22222]: u4BACDCDC22222: [1.1.1.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
我以前從未見過這種情況,我不清楚這裡到底發生了什麼。有人可以詳細說明嗎?有東西試圖通過 Web 連接啟動 SMTP 連接?或相反亦然?
Sendmail 假定連接“很可能”是通過一個開放的 http 代理來的。
從垃圾郵件預防的角度來看,發送標準的“無法辨識的命令”回复並接受下一個 SMTP 命令是“不明智的”。[實現於
srvrsmtp.c
]HTTP 代理伺服器可以發送/中繼嵌入到 HTTP 請求中的有效 SMTP 命令。如果沒有這種改進,它可能會導致接受電子郵件,尤其是本地郵箱。
恕我直言,它過去的用處不大,但它仍然遠離從 sendmail 的程式碼中刪除。
發送郵件的
RELEASE_NOTES
文件:8.14.0/8.14.0 2007/01/31 .... Try to deal with open HTTP proxies that are used to send spam by recognizing some commands from them. If the first command from the client is GET, POST, CONNECT, or USER, then the connection is terminated immediately.