Over the past month or so Ive seen many logs like this in my access logs: removed.hostname proxyscan2.isomedia.com - - [23/Feb/2004:07:23:05 -0500] "CONNECT 66.114.137.17:25 HTTP/1.0" 302 217 "-" "-" removed.hostname proxyscan2.isomedia.com - - [23/Feb/2004:07:23:06 -0500] "POST http://66.114.137.17:25/ HTTP/1.0" 302 217 "-" "$
Now I just checked my servers ip, and its has been blacklisted because of spammers using it.. Now I know every customer of mine, and I checked them out and no one has any mails scripts like that installed so.. This only happens when I see those logs in my apache logs.. Any ideas where to go to look for a fix for this problem?? At first I thought nothing of it because it looks like many of the emails end back up bounced in my admin mbox, but I guess a shitload gets through.. Any ideas would help!! Thanks Dave _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
