denying CONNECT() in httpd.conf

i have been hit by a spammer using my server as a remailer. when
i run the command:

grep CONNECT /var/log/http/access_log

i get the following output:

24.30.199.228 - - [01/Jul/2003:05:58:14 -0400]
"CONNECT security.rr.com:25 HTTP/1.0" 302 0 "-" "-"

so i'm going to assume that the offender is security.rr.com (or
someone using their server as a remailer to my server).

so if i put the following in httpd.conf:

Deny from security.rr.com

would this deny anything from this address from exploiting
the CONNECT() of apache (using version 1.3.27-1.2)?

thanks for any help.

(E-Mail Removed)

CONNECT only will work if you operating a proxy server,otherwise Apache will
toss the request.

FWIW, RoadRunner scans any SMTP servers that communitate with their own SMTP
servers to look for potential spammers. If you're operating an open proxy,
RR's SMTP server will blacklist you until you resolve the problem with
RoadRunner Security. I get these in my logs too. Nothing to worry about
unless you have an open proxy on your machine..

"jack wallen" <(E-Mail Removed)> wrote in message
news(E-Mail Removed) t...
> i have been hit by a spammer using my server as a remailer. when
> i run the command:
>
> grep CONNECT /var/log/http/access_log
>
> i get the following output:
>
> 24.30.199.228 - - [01/Jul/2003:05:58:14 -0400]
> "CONNECT security.rr.com:25 HTTP/1.0" 302 0 "-" "-"
>
> so i'm going to assume that the offender is security.rr.com (or
> someone using their server as a remailer to my server).
>
> so if i put the following in httpd.conf:
>
> Deny from security.rr.com
>
> would this deny anything from this address from exploiting
> the CONNECT() of apache (using version 1.3.27-1.2)?
>
> thanks for any help.
>
> (E-Mail Removed)
>
>