Synopsis
The remote proxy allows SMTP connections to be tunneled using the HTTP CONNECT method.
Description
The remote proxy allows SMTP connections to be tunneled using the HTTP CONNECT method. If this an open proxy (ie, it is remotely accessible by those outside the corporate network), then this feature may be used to send SPAM mail.
Solution
Lock down which port numbers the proxy will tunnel connections to for client CONNECT requests. Also, ensure that only authorized users are allowed to connect to the proxy.
