View Single Post
Unread 30-07-2012, 23:52   #2
Join Date: Mar 2012
Posts: 50
Credits: 1.02
Rep Power: 8 Hobbyist is an unknown quantity at this point

I guess I need to put out a warning since I've noticed an issue with my wingate proxy service. After 4 months or so of running the exact setup described in the video (i.e. just a simple http proxy with no mail support of any kind) I see the email spammers have been making use of my machine.

I'm not sure how routing HTTP format traffic, SSL encrypted or otherwise, to an SMTP server on port 25 would work, but it sure looks like that's the jist of whats happening. It definately seems to proxy just fine with nothing but wingate's http proxy server (and SSL enabled on it). As a matter of fact, if it weren't for the references to port 25 I wouldn't be 100% sure they are spam.

The entries in the pic are from wingate's View->Activity window. A connection opens/closes every 2 to 10 seconds.

If you turn off support for SSL completely :

Then you reduce activity to what looks like normal activity except for

Is anybody really good at whois and the like - Who exactly is Are they the other public key holder in the SSL link??

At least untill I get a filter set up to prevent being exploited I'm shutting down except for testing. If I decide to spend a few hours with the cache viewer and wireshark I'll post an FYI about what goes through my machine. I really just wanted to mention the spam issue I'm having so anyone that built a server from the video will notice it and decide for themselves what to do about it.
Give me ambiguity or give me something else!
Hobbyist is offline