Help | Site Map
| Text size: - +
(Answer) (Category) SpamCop FAQ : (Category) Help for abuse-desks and administrators :
HTTP Proxies (Cisco / Squid / Mailtraq)
Spammers have been hijacking HTTP proxy servers to send their spam out, usually pointing the finger at the server IP, hiding their IP address from being reported.

Cisco cache engines

Turn off http proxy service with the "no http proxy incoming" command in global config mode. This will prevent all users from arbitrarily using the cache engine as their HTTP proxy server.

Squid proxies
More and more often, spammers are transferring spam via Squid proxies. This allows them to hide their tracks entirely, so only the host of the proxy will be reveald in the spam headers.

The fix:
squid.conf should read:
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all


Mailtraq bills itself as an inexpensive alternative to Microsoft Exchange that runs on ordinary Windows. Mailtraq offers a Proxy as an option to all its Mailtraq versions. If you don't set up access rules, the proxy is open to anyone to abuse

The fix:
Select 'options - services' then select the properties of the HTTP proxy. In the properties there is an 'access control' tab that can be used to specify the authorized IP's.

[Append to This Answer]