Looking through some logs I found these entries:

a.b.c.d - - [01/Dec/2004:06:54:58 -0500] "CONNECT mx0.#*$!.com:25 HTTP/1.0" 200 8178 "-" "-" "a.b.c.d.1101902098420340"
a.b.c.d - - [01/Dec/2004:06:54:58 -0500] "POST http://a.b.c.d:25/ HTTP/1.1" 200 8178 "-" "-" "a.b.c.d.1101902098501137"
a.b.c.d - - [01/Dec/2004:06:55:00 -0500] "QUIT" 200 8178 "-" "-" "a.b.c.d.1101902100254650"

where

'a.b.c.d'

was the same IP in all three places, and that was not the IP of my server; and

'mx0.#*$!.com'

was not even close to my server's name. Port 25 is the SMTP port, so someone might of been fishing for mail servers trying to use my server as a proxy (which should of failed).

I also found this:

w.x.y.z - - [18/Dec/2004:13:37:11 -0500] "GET http://www.#*$!x.com/ HTTP/1.1" 200 8178 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)" "w.x.y.z.1103395031545401"

I'm intrigured why the CONNECT, POST, QUIT and improper GET requests didn't cause errors - I'm surprised to see the 200 status code. The number of bytes served matches that of my site's homepage, which makes it even more intriguing.

Any thoughts? Thanks,

Larry