XMPP Service Operators - 2019-11-08

  1. 404.city

    spam from jabber jabservice@jabbim.com jabservise@xmpp.jp quickcoin@linuxlovers.at quick_coin@exploit.im quick_coin19@jabber.sk Prof: https://telegra.ph/Flud-servis-04-10

  2. Ge0rG

    jabbim admins won't delete spammer accounts.

  3. 404.city

    Ge0rG, This is likely to be sufficient equipment to include jabbim .com in the ban list

  4. Ge0rG

    404.city: step 2: escalate to ISP

  5. Ge0rG

    -ETIME

  6. Ge0rG

    Alright, yax.im is going down for a short maintenance. BRB

  7. mightyBroccoli

    404.city: the blacklist Readme gives a nice overview of the overall workflow of this group.

  8. 404.city

    The worst thing is that blocking such servers causes negative feedback from users. At the same time, these same servers sell contact databases to spammers. When adding a contact from a similar server, a person automatically enters the spam mailing list. Then people wonder how spammers know their XMPP ID.

  9. Martin

    Do you have proof that those servers collect addresses and are not just abused from spammers for their dirty work?

  10. Martin

    Actually I only get spam to not existing jids. I don't know why, but I still report them as they might also have real users from other servers in their list.

  11. Ge0rG

    404.city [10:52]: > At the same time, these same servers sell contact databases to spammers. This is a very strong accusation. I hope you have proof of that.

  12. 404.city

    Ge0rG, Spammers wrote to me. They offered money to protect a spam account. They also offered money for the XMPP IDs contact database. They also offered spam protection. They said that they would not send spam to 404.city and from 404.city in exchange for protecting the spammer's account. I declined the offer of spammers, but some servers may be bribed by spammers.

  13. Ge0rG

    404.city: that's very interesting indeed. It puts a response I've received recently into a new light. Do you know of servers that accepted the deal?

  14. 404.city

    Ge0rG, >This is a very strong accusation. I hope you have proof of that. I have no evidence of this, but if the server protects spammers, the spammer probably bribed the owner of the server.

  15. Ge0rG

    Also what's the value in your user database if they promise not to spam you?

  16. MattJ

    Sell it to other spammers who will spam you :P

  17. pep.

    :D

  18. 404.city

    >Also what's the value in your user database if they promise not to spam you? In the router, the contacts of other servers. They buy contacts of interlocutors. This explains why XMPP IDs that are not publicly placed get into the spam database.

  19. pep.

    Wat

  20. pep.

    And you buy into this?

  21. 404.city

    >Sell it to other spammers who will spam you :P Spammers conflict with each other spamers. There is information that they order flood attacks against competing spammers.

  22. 404.city

    > ‎pep.‎: And you buy into this? I refused to sell the any database to these spammers.

  23. pep.

    k

  24. pep.

    ("Buy into" here was meant as "believe", not literally buying)

  25. 404.city

    I will explain the structure of the work of spammers.

  26. 404.city

    The spammers are located in Russia. This makes it impossible for them to be arrested by European intelligence services.

  27. 404.city

    I think the intelligence services already have enough information about them.

  28. Ge0rG

    What if we write a bot that registers random account names at different IBR servers and tracks incoming spam.

  29. Holger

    'honeybot'

  30. Ge0rG

    Holger: awesome name

  31. Ge0rG

    Holger: do it!

  32. pep.

    The distribution of spam is not the same among accounts

  33. pep.

    Even on the same server

  34. Martin

    > 'honeybot' 🥰

  35. Licaon_Kter

    > I think the intelligence services already have enough information about them. Since when is SPAM a matter for "intelligence agencies" pffft ?

  36. Ge0rG

    Licaon_Kter: they infiltrate the spammers to obtain lists of jabber users, to be used as input for the enemy of the state blacklists

  37. Licaon_Kter

    Ge0rG: cool story bro

  38. Ge0rG

    jonas’: how many outgoing c2s connections can aioxmpp handle?

  39. jonas’

    Ge0rG, it depends

  40. jonas’

    there is no technical limit

  41. jonas’

    the only limit will be your resources

  42. Ge0rG

    jonas’: how hard would it be to hack something together that does IBR on a list of servers and stays logged in with a non-negative presence?

  43. Licaon_Kter

    Ge0rG: that sounds like what a spammer would love, bypass captcha too? :))

  44. Ge0rG

    Licaon_Kter: you'd be surprised how many servers offer IBR with no captcha

  45. Licaon_Kter

    Ge0rG: user friendly for clients that can't, eg. CS

  46. Ge0rG

    There also used to be a promo video of a spam software showing off their parallel-connection tool

  47. Ge0rG

    Licaon_Kter: IBR captchas have been circumvented in the past

  48. Licaon_Kter

    I guess

  49. Ge0rG

    Licaon_Kter: https://www.youtube.com/watch?v=XCFmfpmz7yc

  50. jonas’

    Ge0rG, not that hard

  51. Licaon_Kter

    Saw that Ge0rG before, between those summerian, cuieniforms, letters, there's IBR and captcha?

  52. Link Mauve

    They never came to me to offer spam protection money. :(

  53. Link Mauve

    I’m a bit short on that lately.

  54. pep.

    Protection money ? :p

  55. Link Mauve

    Money at all. :p

  56. 404.city

    >‎Link Mauve‎: They never came to me to offer spam protection money. :( I think this money will not be enough for a good lawyer ;)

  57. Link Mauve

    Damn.

  58. Link Mauve

    My get rich quick plan is foiled!