Knowledgebase

Portal Home > Knowledgebase > Articles Database > Proxy security issue


Proxy security issue




Posted by Syntheso, 08-03-2007, 05:22 PM
I have been having an issue with PHProxy and CGIProxy. My upstream provider had been receiving complaints about spam emails sent from my dedicated server. My host contacted me, and the techs worked out that people had been using the proxy on the server to log into email accounts and send out spam messages. My question is how can I configure them so people cannot use mail systems like Hotmail etc. I can always ban the sites...but there are so many. I still want people to be able to login to sites like MySpace, Facebook etc...how do other proxy sites do it without any issues? Thanks. Seb
Posted by csparks, 08-03-2007, 06:22 PM
I think the other proxy sites probably have a list of email providers and they ban them, I am not sure, as I have not really used a proxy to check a email account. But if I was you, I would just ban all the emailing sites, you do not have to ban myspace, as they do not provide free email do they?
Posted by Syntheso, 08-03-2007, 06:26 PM
I never thought about getting a list already written - good idea. What I meant about Myspace is that you can block scripts/cookies from being used, thus login forms not working.
Posted by zerosports, 08-04-2007, 02:48 PM
I just received that warning as well to remove the proxy service .
Posted by FIAHOST, 08-04-2007, 03:52 PM
You were hosting your proxies on a shared hosting?
Posted by zerosports, 08-04-2007, 03:58 PM
dedicated hosting , the spam was reported by spamcop.com
Posted by FIAHOST, 08-04-2007, 04:07 PM
May be your machines are relaying spam without your knowledge. Proxy websites attract some "unwanted" audience and are often targeted by various kind of attacks. Is your machine unplugged? You should contact your provider and ask him to put it back online. Tell them that you are sorry for the inconvenience and you are going to investigate the spam source on your machine. I don't know any host that would refuse to put your machine back online. Spamcop complaints are common. If a server is closed every Spamcop complaint, there would be no host on the business...
Posted by zerosports, 08-04-2007, 05:00 PM
machine isn't unplug, just a warning, to advice to remove the proxies ... I search and found it was actually from the newly proxy i added with facebook/myspace login enable ... so it also work for some other webmail service. I would have to create login process for the user to use proxies.
Posted by FIAHOST, 08-04-2007, 05:03 PM
Is proxy hosting against their TOS?
Posted by zerosports, 08-04-2007, 05:07 PM
nope, but spam is , the cause of spam is by public proxy
Posted by FIAHOST, 08-04-2007, 05:09 PM
But if you secure your public proxy and make sure that it won't be a source of spam and annoyance for them, there is no reason that they force you to put it down. Even an innocent form, eCommerce website or a contact form could be a spam source if it is not well maintained.
Posted by zerosports, 08-04-2007, 05:13 PM
the problem is public proxy aren't secure , most of them are open to anyone .
Posted by FIAHOST, 08-04-2007, 05:18 PM
In this case, you cannot provide any guarantee about the content transiting from them... What are your options? Closing?


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
what the heck is wrong with HOTMAIL? (Views: 466)
A few words about DNS cache poisoning? (Views: 461)
Chroot Website Files? (Views: 506)
Long Page Loads (Views: 464)
Strange domain problem on dedicated IP - Plesk (Views: 475)

Language: