I was peering through my logs, and I saw something that made me gape
in horror: Someone was connecting to my web-server using a CONNECT
and going out to port 25 on a remote host.

They only did this once.  Another joker tried it, too, also only
once.

I had set up Apache 2 to play with.  It looks like Apache declined
the CONNECT request, but it didn't log to error_log.

Should I be paranoid?  Well, okay, I probably should be; rather
let me ask, is this okay, or does something need to be fixed?

(Looking around a bit, it appears that this spammers' delight is
only opened up if I enable proxying---which I have not done---so
things *should* be okay.  I just had my cage rattled by the line
in my "access_log".  (^&)


-- 
  "I probably don't know what I'm talking about."  --rkr@olib.org