Yesterday I installed Apache server on my computer having Ubuntu9.10 Desktop amd64 version.
I find this line in apache logs:
118.160.208.213 - - [11/Mar/2010:13:17:32 +0530] "CONNECT maild.agc.idv.tw:25 HTTP/1.0" 405 559 "-" "-"
I searched it on net and find it is something related to spammers and spammers are trying to use my server.
I foud this on internet:-
>CONNECT 195.***.76.123:25
>Can someone explain to me what this person is trying to do?
Since port 25 (smtp) has been hit, it's likely a spammer trying to use your server as a spam relay server.
The Limit rule shoud block 'em.
>Would this still be written to the log files though?
Afaik yes. But with a 403 status code instead of 200.
btw, Welcome to WebmasterWorld [webmasterworld.com], DrTebi. "
Are spammers successful with it.
Router Settings:
I have enabled DMZ in my router for my PC.
NAT -- Virtual Servers - I am using http and ftp server.
No ports are forwarded.
so all ports are blocked except 80 and 21.
then how a spammer get a hit at 25 port.
Please explain it.
Bookmarks