XMPP Service Operators - 2017-11-30

spam spam spamm

yeah, my jabber.org account is set to deny all but contacts in roster now. It has really picked up the last two weeks.

never knew there were so many servers out there. Or at least domains.

ThurahT: hard to find new contacts this way, though

I thought the jabber spam era has ended years ago

mrDoctorWho: there is a new spam era now

I wonder what they're trying to achieve

run by a bunch of Russian spammers, advertising for illegal services, credit card dumps and drugs

Oh, yes indeed, now I remember

I had a jid on jabber.ru and I was receiving such spam too

Ge0rG: I got movim for that : )

just in: message from user763@pvpctutorials.de/nfWTmyU, body contains "Качественная рассылка по jabber // jabber advertising // https://pastebin.com/raw/hHmFT5Xh"

ThurahT Movim is not spamming, we are just mining BTC and transfering them directly to our wallet :)

I approve

Back in the days, when spam usually didn't come out of chatrooms, most of them had their ban lists full of servers with open registration

: )

send a jabber message to 250k contacts for only 20$ in BTC

or two-hours XMPP flood for only 10$

I'm wondering if we could define together rules to allow S2S

I really need a way to inject subscription-rejections based on that

MattJ: please? :D

because a bunch of those servers doesn't seems legit by just having a look at the domain

edhelas: I'm pretty sure those are just semi-abandoned IBR servers.

not sure

spam from='helpdesk@freiebaptisten.de/312425043290271873351426'. What. The. Fun.

they maybe have a script to create domains on the fly, put a letsencrypt certificate and boom

edhelas: yeah sure.

or they just spam IBR domains.

you have a fully legit XMPP server

I think that IBR should be deprecated

edhelas: let's just deprecate XMPP altogether. We don't need new users, and neither existing ones

true

the problem isn't IBR, the problem is unlimited IBR and abandoned servers

from='lessie@paranoid.scarab.name/7PC0mmOf'

edhelas: such spam would be non-profitable

also dumb default configurations

from='redirect485@xjabber.org/KwdwovgL' from='info847@legalize.li/2fo6m' from='user173@jabber.tanjeff.net/lXqCN9'

Such interesting names

If only the XSF had a spam fighting taskforce.

Then I could write it down once and not repeat myself every week.

There is project Providence, but it it's seems abandoned and I don't think it even works

I'm afraid of spam on pubsub as well

I'll restrict publication on my pubsub services from my own xmpp accounts only if it appears

Agenda items: 1) disable IBR by default, make sure that private servers have better means, and that for public servers there are appropriate limits in place 2) create automated ways to notify admins of abuse on their servers 3) implement server-side modules that track a remote domain's reputation, maybe even with an export/import feature to share insights with friends. Use that to block old unmaintained IBR servers

from='dollar345@sweetway.info/rzXaiIQ'

Ge0rG: the #3 sounds centralized

mrDoctorWho: federated, not centralized.

mrDoctorWho: like, I trust the admins of xmpp.org and of conversations.im, so I can share my stats with them

Hmm, makes sense

from='paliyvadim@simple-systems.ru/3418065207151241907771167'

From that last domain, I had ten different accounts contact yax.im users in the last 10 days

I kind of like the idea of a federated blacklist but the whole "web of trust" idea does not really work...

zuglufttier: I think it depends on the abstraction level

zuglufttier: have a look at email spam RBLs

Still, how do I get off that blacklist?

create a new random domain

That's what a spammer would do ;)

gmail.com immediately responds to my server's stream header with <not-authorized/>. Are they finally closing down s2s?

Yes!

So others noticed this already? Or is there even some public info?

Yesterday(?) in the prosody room

Ah, thanks.