my dog learned polymorphism*
The moose likes Tomcat and the fly likes Access Log : Meaning of Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Access Log : Meaning of "CONNECT smtp.mail.yahoo.com:25 HTTP/1.0" 400" Watch "Access Log : Meaning of "CONNECT smtp.mail.yahoo.com:25 HTTP/1.0" 400" New topic
Author

Access Log : Meaning of "CONNECT smtp.mail.yahoo.com:25 HTTP/1.0" 400

Venugopal Pillai
Greenhorn

Joined: Aug 02, 2012
Posts: 1
Hi,

Can anyone please explain the meaning of the line "CONNECT smtp.mail.yahoo.com:25 HTTP/1.0" 400 in my Tomcat Access Log file? I have not configured any mailing programs. Please let know if this is a security threat.

Regards
Venugopal
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16020
    
  20

It's an attempt to leverage your tomcat server into being a spam proxy.

I don't think that in the normal course of events that you have anything to worry about as far as Tomcat goes. If you are fronting Tomcat with a stock webserver with proxying abilities such as Apache httpd, you should verify that you haven't accidentally set up reverse proxying that would allow Apache to be exploited.

I get dozens of these slimy mis-requests every day. Bastards.


Customer surveys are for companies who didn't pay proper attention to begin with.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Access Log : Meaning of "CONNECT smtp.mail.yahoo.com:25 HTTP/1.0" 400