-
edhelas
ok, I start to get many spams that are always coming in pair
-
edhelas
a spammy message + invitation
-
Ge0rG
edhelas: invitation or subscription request?
-
edhelas
subscriptions
-
Ge0rG
Yeah, annoying. But not useful.
-
Ge0rG
My server only leaves through the subscription requests, because those come first
-
edhelas
ok
-
Ge0rG
And there is no easy way to pull them back automatically
-
edhelas
lona8798@yax.im
-
Ge0rG
edhelas: already deleted that one.
-
edhelas
good
-
404
I hate these spammers. They manage spam from the telegram and forums.
-
Ge0rG
404: pardon?
-
404
I receive a lot of spam from different servers. Smelly rats.
-
404
Spammers are avenging me. I've banned spammers.
-
Ge0rG
And what about Telegram and forums?
-
Ge0rG
I've deleted another 300 spammers on my server today.
-
404
Spammers direct the dispatch through a telegram. Telegrams do not ban them.
-
404
https://telegram.org/
-
404
Lair of spammers
-
Ge0rG
404: I don't understand.
-
uc
Telegram does xmpp??
-
Zash
No
-
Ge0rG
I know from a reliable source that XMPP spammers use XMPP.
-
404
Ge0rG: Spammers are looking for customers in a telegram
-
Ge0rG
404: they are also looking in jabber. I can tell you the JIDs of some spam sending services.
-
404
Ge0rG: show JIDs
-
Ge0rG
404: scroll down in https://pastebin.com/EhEFzMQg
-
404
telegram @jabservice
-
404
Another contact @CyborgHawk
-
Ge0rG
404: there are JIDs in that pastebin
-
Ge0rG
here are two more JIDs: https://pastebin.com/raw/3QsfWC7T
-
404
They constantly change Jid. This is one person.
-
Ge0rG
404: I think the two links I gave are different entities.
-
Ge0rG
And then there is https://xmppspam.net/users/sign_in
-
Ge0rG
404: different prices, different contacts
-
404
Ge0rG: probably they are different. maybe the base is the same?
-
Ge0rG
404: maybe, maybe not. I don't know
-
Ge0rG
but I do know that you can easily get rid of them by rejecting multi-line messages from strangers.
-
Ge0rG
and messages with pastebin links
-
404
Ge0rG: Debian 9 / ejabberd 16.09 does not support this
-
Ge0rG
404: bug zinid over in xsf@
-
Ge0rG
or Holger
-
404
Ge0rG: ok
-
404
Ge0rG: Thanks
-
Ge0rG
404: in prosody, there is mod_firewall that allows message blocking in very fine-grained ways.
-
Holger
Ah. Failed to figure out the question from reading a few lines of backlog :-)
-
Holger
There's no such ejabberd module unfortunately.
-
Holger
There's mod_block_strangers to ... block strangers.
-
Ge0rG
And blocking strangers is bad for the XMPP ecosystem.
-
Ge0rG
Holger: you could rename it to mod_block_spammers :P
-
Holger
Spam is bad for the XMPP ecosystem as well.
-
Holger
And right now we don't have perfect solutions, so we must resort to workarounds. mod_block_strangers is one of them.
-
Holger
But I don't like/use it myself either.
-
Ge0rG
Holger: you could write mod_block_multiline_strangers
-
Holger
Yes I considered that.
-
Ge0rG
it could even auto-reject a pending subscription from the sender.
-
Holger
I mean, still considering it :-)
-
Holger
Plus maybe another few simple checks.
-
Holger
I.e. poor-man's mod_firewall.
- Holger is good at considering things.
-
Zash
Holger: Wasn't there a Ruby-like Erlang-compatible language? Elixir maybe? Is that DSL-friendly? (Ruby is IIRC)
-
Holger
Yes it is.
-
Holger
That's the #1 feature of Elixir compared to Erlang.
-
Ge0rG
And then you link a Lua runtime into ejabberd.
-
Holger
The rest is just syntax cosmetics.
-
Holger
Ge0rG: We already do (for prosody2ejabberd) :-)
-
Holger
https://github.com/rvirding/luerl
-
Holger
Works quite well.
-
Ge0rG
Holger: you just made my head explode.
-
Ge0rG
Holger: also, you can just provide bindings to mod_firewall with luerl :P
-
Zash
Load Prosody modules in ejabberd?
-
Holger
The p1 blog post will be interesting.
-
Zash
Then call out to some Python via https://pypi.python.org/pypi/lupa/
-
Holger
Sounds great!
-
Ge0rG
"Ejabberd now comes with prosody bundled" makes for some interesting marketing
-
Zash
That kind of thing rarely works out tho
-
Holger
"The next release will also ship Openfire!"
-
Ge0rG
Reminds me of Electron apps.
-
Zash
Java-to-JavaScript thingy and run Openfire in the browser?
-
Holger
https://github.com/hypernumbers/LuvvieScript
-
Holger
404: See, lots of helpful suggestions :-)