[exim] HTTP requests to port 25?

Pàgina inicial
Delete this message
Reply to this message
Autor: Marc Sherman
Data:  
A: exim-users
Assumpte: [exim] HTTP requests to port 25?
My logs show a number of SMTP protocol violations similar to this one:

2005-11-21 04:55:24 SMTP protocol violation: synchronization error
(input sent without waiting for greeting): rejected connection from
H=ns1.avs18.com[85.118.32.254] input="POST / HTTP/1.1\r\nHost:
projectile.ca:25\r\nContent-Type:text/plain\r\nContent-Length:
891\r\nMax-Forwards: 10\r\nVia: 1.0 projectile.ca:25\r\n\r\nRSET\r\nHELO
lab-"

Does anyone know what the deal is with those? Is it some kind of
exploit against a broken HTTP proxy server? If so, why is it hitting
port 25 instead of port 80?

- Marc