XMPP Service Operators - 2020-08-30

  1. kikuchiyo

    > Is there a way to limit the number of messages per hour per user as spam prevention? Per hour limits require mod_firewall: https://modules.prosody.im/mod_firewall.html

  2. kikuchiyo

    MattJ: Please give your advise on an _anti-monologue firewall rule_ ... `%RATE monologue: 0.0083 (burst 1800)` `KIND: groupchat` `LIMIT: monolouge` `BOUNCE=policy-violation (Sending too much!)` Would this firewall definition check if a user writes more than 15 times per half hour to a MUC on that prosody server?

  3. Licaon_Kter

    Typo in monologue kikuchiyo

  4. MattJ

    kikuchiyo, KIND: message TYPE: groupchat

  5. MattJ

    Are you trying to limit per MUC, or per user?

  6. kikuchiyo

    MattJ: per user per MUC

  7. kikuchiyo

    MattJ: The idea is to prevent single users from impolitely dominating public MUCs without getting answers from other participants.

  8. kikuchiyo

    Licaon_Kter: soliloquy?

  9. Licaon_Kter

    kikuchiyo: ?

  10. MattJ

    kikuchiyo: and do you want to apply this to your users or your MUCs?

  11. kikuchiyo

    MattJ: public MUCs

  12. MattJ

    Ok, then you need to load mod_firewall explicitly on the MUC component, and add the firewall_scripts option under it too

  13. kikuchiyo

    MattJ: The longer I think about it, the more skeptical I am about whether the condition is the right approach. Actually, the point is that the share of individual users in the overall communication of a public room should not get out of hand.

  14. MattJ

    Yeah

  15. MattJ

    You would probably be better with something like an adapted mod_muc_limits

  16. kikuchiyo

    MattJ: Is it possible to base the action on several conditions?

  17. kikuchiyo

    How could I calculate the _share_ of an individual to use it as one of those conditions?

  18. MattJ

    Easier to do in a module than in a firewall script

  19. MattJ

    And do you want total share, or total within a given time period?

  20. MattJ

    It's not easy :)

  21. kikuchiyo

    > total within a given time period? I think that would be the best way.

  22. MattJ

    Maybe the easiest is probably something like "no more than N messages in a row from a single occupant"

  23. MattJ

    Within a time period is tricky... after an hour of silence the first person to write would have a 100% share immediately

  24. kikuchiyo

    MattJ: Yes, I thought about that too, but then it would limit the possibility to run a news channel.

  25. kikuchiyo

    > Within a time period is tricky... after an hour of silence the first person to write would have a 100% share immediately There has to be a threshhold.

  26. kikuchiyo

    > Maybe the easiest is probably something like "no more than N messages in a row from a single occupant" If this rules counter would reset after an hour or so... It could fit the needs.

  27. kikuchiyo

    How about incremental delays (like brute force protection for passwords) ?

  28. kikuchiyo

    MattJ: `%RATE` values would have to depend on Nₜ messages per timeframe xor Nᵣ messages in a row for a single user.