Win a copy of Spring in Action (5th edition) this week in the Spring forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Devaka Cooray
  • Liutauras Vilda
  • Jeanne Boyarsky
Sheriffs:
  • Knute Snortum
  • Junilu Lacar
  • paul wheaton
Saloon Keepers:
  • Ganesh Patekar
  • Frits Walraven
  • Tim Moores
  • Ron McLeod
  • Carey Brown
Bartenders:
  • Stephan van Hulst
  • salvin francis
  • Tim Holloway

Access Log : Meaning of "CONNECT smtp.mail.yahoo.com:25 HTTP/1.0" 400  RSS feed

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Can anyone please explain the meaning of the line "CONNECT smtp.mail.yahoo.com:25 HTTP/1.0" 400 in my Tomcat Access Log file? I have not configured any mailing programs. Please let know if this is a security threat.

Regards
Venugopal
 
Bartender
Posts: 19985
95
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It's an attempt to leverage your tomcat server into being a spam proxy.

I don't think that in the normal course of events that you have anything to worry about as far as Tomcat goes. If you are fronting Tomcat with a stock webserver with proxying abilities such as Apache httpd, you should verify that you haven't accidentally set up reverse proxying that would allow Apache to be exploited.

I get dozens of these slimy mis-requests every day. Bastards.
 
Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!