I may be an excellent software developer, but I'm a mediocre system administrator. Some of the stuff here may be obvious to the experienced, but I need the reminders and cheat sheets. Also, I want to record some of the lessons I've learned along the way.
General Security Links
Apache Proxy used as an Open Mail Relay by spammers
I've completely disabled the proxy capabilities in Apache until I can figure out how to properly close this vulnerability. As I research this, here are some links I've found interesting:
[http://iheavy.com/node/14 Tracking the Wily Proxy Hackers] describes the exact situation in which I found myself. The solution mentioned there, totally disabling the proxy capability, is what I've done for a temporary solution. Long term, I really want to figure out how to control the proxy capability, rather than nuke it altogether.
[http://spamlinks.net/prevent-secure-proxy-fix.htm Securing open proxies]
[http://www.apacheweek.com/issues/03-07-25#security Apache 1.3.28 release notes] describe the problem with respect to the Apache 1 releases, but I'm running Apache 2.
Email DNS Blacklists
[http://www.cmsconnect.com/blm/blmonitor.htm BL-Monitor] is a free visual tool to analyze DNSBL response times and effectiveness for the DNSBL servers you use.
[http://www.trustedsource.org/ TrustedSource] checks the reputation of an email sender.
Other security links
[http://www.emailbattles.com/archive/battles/vuln_aachdjbifd_ff/ Top 5 Open Proxy Ports & How To Fix Them]
http://ist.uwaterloo.ca/security/howto/ Mostly applicable to University of Waterloo environment, but plenty of generic information, too.
http://www.linux-sec.net/Harden/server.gwif.html Looks like a great collection of information.