XMPP Service Operators - 2018-12-18

  1. SouL

    So, surprisingly, I've never received any SPAM and my account is quite public. Somebody in my server got the following and I can't understand how they found the JID to SPAM: Headline> gil821@manager.krible.ru/Psi says: Качественная JABBER Рассылка / Good Jabber Adverts Лучшая реклама Jabber для Вашего сервиса / Best Jabber Adverts for your service! #1 Рассылка /1 Spam Adverts = 15$ 457к JIDs Кардинг тематика! / Carding Contact List Так же ДЕЙСТВУЕТ АКЦИЯ! / Also NOW DISCOUNT! = 5 рассылок = 50$ / 5 Spam adverts = 50$ Действуют скидки при заказе от 5 рассылок / Discount for more 5 spam adverts Помощь подготовки рекламного текста Вашего сериса/шопа/и т.п Так же имеются другие тематики, уточняем лично! Food Jabber - Устранение конкурента! от 10$ в час Jabber adv_jid@jabbim.ru 24/7 Online! Приношу извинения за рассылку! P.S так же продажа комплекта спама (Jabber Spammer + Jabber base 457k = 350$ / Also selling pack for JIDs spam (Jabber Spammer + Jabber Base 457k JIDs) Price 350$

  2. Licaon_Kter

    SouL: was the JID a common name?

  3. MattJ

    and/or did they join MUCs or have contacts on certain remote servers?

  4. SouL

    Not at all, from what he says, he joined once to the Psi+ MUC and that is all. (Only chats with friends and family, so that is why I'm kind of puzzled) I mean, I would understand if I get SPAM but not him, wow

  5. SouL

    My Prosody setup is not ready to fight SPAM, I hope it does not become a problem

  6. Ge0rG

    Oh, I know that spam message.

  7. Holger

    I got it just a minute ago.

  8. Holger

    First spam to *this* JID of mine ...

  9. Ge0rG

    Somebody got a new spam-jid list?

  10. Ge0rG

    Holger: so... mod_firewall, finally?

  11. Holger

    Certainly bumps up a few positions in the to-do list :-)

  12. MattJ

    SouL, the Psi+ MUC is on jabber.ru?

  13. SouL

    MattJ, yes

  14. oli

    jabber.ru leaked?

  15. MattJ

    There are many possibilities

  16. MattJ

    e.g. an admin of the MUC may be on a different server that is leaked/compromised/compliant with spammers

  17. MattJ

    Consider that server operators have all the data that spammers want (JIDs, JIDs, JIDs)

  18. MattJ

    Best of all... active JIDs

  19. MattJ

    A rogue server operator could easily sell that info to spammers

  20. Ge0rG

    SouL: how much randomness is in that account name=

  21. oli

    we need temporary jids for muc

  22. Ge0rG

    MattJ: that smells like a business model

  23. MattJ

    Ge0rG, sure it is

  24. Ge0rG

    How much is a JID?

  25. MattJ

    It made some of the largest companies in the world successful :)

  26. MattJ

    1) get users to use your free service 2) sell some amount of the data you gather from this 3) PROFIT!!!

  27. MattJ

    This is only one possibility. Server databases have been compromised in the past (so rosters were leaked, and I know my JID was in one of those)

  28. oli

    xmpp is doomed

  29. MattJ

    The internet is doomed. Humanity is doomed :)

  30. Ge0rG

    doom is doomed

  31. oli

    oh yeah, there are bigger problems i forgot

  32. edhelas

    can we run Doom on XMPP ? 🤔

  33. Ge0rG

    XMPP is not a toaster.

  34. oli

    can we run xmpp on an amiga?

  35. Link Mauve


  36. Link Mauve

    My first XMPP client was built for a significantly more limited computer than my Amiga.

  37. oli

    could servers not use temporary jids for muc and translate between temp jid and my personal jid?

  38. Ge0rG

    oli: yes

  39. Ge0rG

    this is how MIX is going to do it, and it's a huge pile of ~shi~ complexity

  40. oli


  41. Ge0rG

    Speaking of spam... https://github.com/JabberSPAM/blacklist just got its first entry.

  42. Licaon_Kter

    Ge0rG: just one? I can scroll above and find a dozen, what gives?

  43. MattJ

    Licaon_Kter, a dozen where? You mean mentioned in this MUC?

  44. MattJ

    Maybe you didn't read the content at https://github.com/JabberSPAM/blacklist

  45. Licaon_Kter

    > otr.chat EOF

  46. Licaon_Kter

    > a list: blackjabber.cc, 0nl1ne.cc, xabber.de, jabber.cd, draugr.de, unstable.nl, jabberes.org, simple-systems.ru, xmpp.re, ubuntu-jabber.de, j3ws.biz, kolporter.com.pl, call2ru.com, legalize.li, jabber.tcpreset.net, beepconnect.com, itkad.ru, securejabber.me, onex.rooseveltdc.com, jabber.sibnet.ru, gnude.feste-ip.net, gug9sch.xyz, darkengine.biz, aquilius.de, jabber.hasufell.com, chat.hoferr.ch, xjabber.org, blug.moe, paranoid.scarab.name, xmpp.su, miranda.im, jabber.netzgehirn.de, fin77.info, nyarghr.com, sj.ms, privat-jabber.com, andrzejszczepaniak.co.uk, xmpp.hsbp.org, xmpp.sh,

  47. Licaon_Kter

    > my top10 of approximately the last two weeks: > messages bots domain > ---------- ---------- ------------------------------------ > 5630 1748 jabber.tcpreset.net > 3917 1111 otr.chat > 3318 2776 blackjabber.com > 2918 2419 jabberes.org > 2628 571 jabber.crans.org > 2574 874 jabber.ozerki.net > 2561 2109 xmpp.re > 2086 1592 unstable.nl > 1866 1548 deshalbfrei.org > 1862 1483 xabber.de

  48. Licaon_Kter


  49. MattJ

    Licaon_Kter, those servers are used by normal users

  50. MattJ

    so if you block them, you can prevent ordinary users from communicating

  51. Licaon_Kter

    And you can vouch that otr.chat is not?

  52. Licaon_Kter

    Anyway... A good start :)

  53. MattJ

    Efforts have been made to contact the admin of otr.chat to resolve the spam issue with their server

  54. MattJ

    Have you made any effort to contact the admins of the servers in that list?

  55. Link Mauve

    Licaon_Kter, how are you keeping track of which servers fixed their outgoing spam issues?

  56. edhelas

    MattJ at one moment you need to end up with those kind of decisions, if your mail server is spamming the whole planet, don't be surprised that your legit users cannot send mails to the other servers

  57. Link Mauve

    I can see some in your list which fixed it, for instance.

  58. MattJ

    edhelas, exactly

  59. Licaon_Kter

    Link Mauve: I'm not...having this issue

  60. Link Mauve

    Licaon_Kter, you are.

  61. Licaon_Kter

    Link Mauve: not my lists, search this MUC history

  62. Link Mauve

    Licaon_Kter, the list you just posted, anyway.

  63. Licaon_Kter

    i quoted Ge0rG and Neustradamus

  64. Ge0rG

    edhelas: and some RBLs are notoriously known for listing everybody and not delisting anybody.

  65. Ge0rG

    I don't want to end up *there*

  66. Ge0rG

    Licaon_Kter: what's your point?

  67. Ge0rG

    You can blacklist all the domains on your private server.

  68. Ge0rG

    if you run a public server, you need to make a trade-off

  69. Ge0rG

    if you run a public blacklist that other public server operators should have a good feeling to add, you need to have policies about addition and removal

  70. Ge0rG

    I've brought down a bunch of spam servers now, by documenting and reporting the abuse.

  71. Licaon_Kter

    Ge0rG: > I've brought down a bunch of spam servers now, by documenting and reporting the abuse. Great

  72. Neustradamus

    Licaon_Kter: I think you have not taken all the list, I have published other too ^^

  73. Licaon_Kter

    Neustradamus: ;))

  74. Neustradamus

    Please look your history ;)