XMPP Service Operators - 2020-06-22

  1. ruety

    tom could you share your xmpp server address?

  2. pod

    tom: i'd be interested in that as well

  3. mimi89999

    Are admins of jabber.cd or creep.im here?

  4. a

    mimi89999: hey there, I'm creep.im admin

  5. mimi89999

    a: I tried contacting you, but when I send try to subscribe, I get a message asking to fill a captcha. If I fill it and try to subscribe again, I get that message again. If I just try to send a message I get another error

  6. mimi89999

    Messages from strangers are rejected.

  7. a

    mimi89999: are you admin of jabjab.de? just guessing

  8. mimi89999

    No

  9. a

    okay

  10. mimi89999

    Private server.

  11. a

    anyway, captcha protection should be working fine, but apparently it does not, for everyone which is a bummer

  12. a

    anyway, captcha protection should be working fine, but apparently it does not work for everyone which is a bummer

  13. mimi89999

    https://lebihan.pl/xmpp-upload/index.php/4e9729b9-3526-42fb-9f5b-553562744e46/russian_spam.txt

  14. mimi89999

    This is my issue.

  15. a

    can't download that

  16. a

    maybe share a link?

  17. mimi89999

    http://paste.debian.net/1153363/

  18. mimi89999

    a: Here you are.

  19. a

    ah, okay downloaded now

  20. a

    mimi89999: which software do you use for your server?

  21. a

    test

  22. mimi89999

    Prosody

  23. a

    got it, typical spam

  24. mimi89999

    Could you do something?

  25. a

    I do believe there is an anti-spam module for Prosody. did you check it?

  26. a

    I use similar module on creep.im

  27. mimi89999

    Did you block that account?

  28. a

    no, not yet. but the problem is that you can block account, but it's virtually impossible to block the spammer behind it

  29. a

    due to the open nature of the server

  30. a

    everyone can register account in a minute or so

  31. a

    so blocking on the origin server is possible, but frankly it's meaningless

  32. mimi89999

    Hmm. Did you consider trying to automatically detect them? If just after registering they send the same message to a dozen JIDs offering things, then probably it is a spammer?

  33. a

    no, I didn't write my own anti-spam module

  34. a

    also, your proposed solution does require looking into each message of each user

  35. a

    and I prefer not to do that

  36. tom

    a: you might have to make a compromise there. As long as you keep the antispam detection in memory and never write out to nonvolatile storage you should bee good privacy wise. Parsing the body of messages is 75% of email heuristic spam detection

  37. tom

    What you could probably do is have a DistributedClearingHouse type system where you fuzzyhash messages going through your server, and if someone is sending a lot of the same messages to people you can know without disclosing private contents

  38. tom

    One of the mechanisms used for stopping spam with SMTP https://www.rhyolite.com/dcc/

  39. tom

    Another thing you could try is if right after they join they start messaging +50 jids that's not something a human can do

  40. Link Mauve

    Except if they were switching accounts, and noticing all of their former contacts.

  41. a

    that sounds like a nice project, but I'm not that fluent in Erlang and still have rather keep all messages private

  42. a

    I think that an installation of the already existing and working anti-spam modules will work perfectly done in this case

  43. a

    I think that an installation of the already existing and working anti-spam module will work perfectly done in this case

  44. a

    I think that an installation of the already existing and working anti-spam module will work perfectly fine in this case

  45. Ellenor Malik

    Schroedinger's chat has crasht