Open Proxies, abuse, and detection

An open proxy is a proxy server which will accept client connections from any IP address and make connections to any Internet resource. Abuse of open proxies is currently implicated in a significant portion of e-mail spam delivery. Spammers frequently install open proxies on unwitting end users' Microsoft Windows computers by means of computer viruses designed for this purpose. Internet Relay Chat (IRC) abusers also frequently use open proxies to cloak their identities.

Because proxies could be implicated in abuse, system administrators have developed a number of ways to refuse service to open proxies. IRC networks such as the Blitzed network automatically test client systems for known types of open proxy. Likewise, an email server may be configured to automatically test e-mail senders for open proxies, using software such as Michael Tokarev's proxycheck.

Groups of IRC and electronic mail operators run DNSBLs publishing lists of the IP addresses of known open proxies, such as Blitzed OPM and CBL.

The ethics of automatically testing clients for open proxies are controversial. Some experts, such as Vernon Schryver, consider such testing to be equivalent to an attacker portscanning the client host. Others consider the client to have solicited the scan by connecting to a server whose terms of service include testing.

Related Articles

• What is a Proxy Server?
• Anonymous Proxy Risks
• How to use a Proxy Server