HPE Community
Operating System - HP-UX
1833553 Members
3211 Online
110061 Solutions
New Discussion

Span from Apache Web Server

 
MTSU_SAN
Regular Advisor

‎04-19-2001 08:21 AM

‎04-19-2001 08:21 AM

Span from Apache Web Server

Recently, someone on campus has been sending spam, and the return address shows up as httpd@mtsu.edu (which boils down to our Apache Web Server).
How do they do that, and is there anyway that I can block it or stop it??
0 Kudos
Reply
4 REPLIES 4
Ron Cornwell
Trusted Contributor

‎04-19-2001 09:53 AM

‎04-19-2001 09:53 AM

Re: Span from Apache Web Server

There are several products out there that will allow you to mask the email address you are sending from ( blat for example). Another way this can be done is to telnet directly to port 25 on the mail server and the you can tell who you want your email to go to and who you want it to look like it came from.
0 Kudos
Reply
Kevin Wright
Honored Contributor

‎04-19-2001 10:05 AM

‎04-19-2001 10:05 AM

Re: Span from Apache Web Server

anyone can do this with a connection to the internet...
/usr/lib/sendmail -f"anyone@anydomain.com toanyone@anywhere"

as long as 'anydomain' resolves to a 'real' domain through the DNS lookup performed by the recieving mail server, this will work.
0 Kudos
Reply
MTSU_SAN
Regular Advisor

‎04-19-2001 10:28 AM

‎04-19-2001 10:28 AM

Re: Span from Apache Web Server

I mispoke. The Received from: address is httpd@localhost on our web server machine. Sendmail only forces the From: address, and even then an authorization warning is produced by our configuration.
0 Kudos
Reply
MTSU_SAN
Regular Advisor

‎04-23-2001 05:26 AM

‎04-23-2001 05:26 AM

Re: Span from Apache Web Server

This has been partially resolved--they were using FormMail (our campus-wide copy) and specifying email, Subject and message body in the URL.
Haven't figured out how to block this yet without censoring messages...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.