XMPP Service Operators - 2020-11-26


  1. Anas

    HELP! Hey guys, my server is running 3k users now, and suddenly the delivery of the messages is very slow. Any thoughts, please?

  2. TMakarios

    Anas: What software is running your server?

  3. tom

    ^

  4. bastoon

    Anas: RAM overflows on SWAP?

  5. tom

    Running out of dedotated wam fo servah

  6. 404.city

    Anas. 3K online or 3K all?

  7. arne

    Hi, I hope not to disturb, but can anyone maybe give me some time to check my XMPP server from a security point of view? 😀 I think it's pretty fine now, I get 100% on every test I made so far.

  8. Ge0rG

    creep.im: https://github.com/JabberSPAM/blacklist/commit/70c122e02c297803e94aa90b5849d538b269761e

  9. creep.im

    Ge0rG: yes, I was informed already. I believe this is a good thing until we have means to automatically block spammers on the origin server

  10. Ge0rG

    I've seen >1000 bots from creep.im in the last two weeks

  11. creep.im

    yes, it's pretty popular with both spammers and real people

  12. creep.im

    no hard feelings about inclusion into the spam list therefore

  13. creep.im

    cool, I'll block these right away

  14. Ge0rG

    thanks

  15. Ge0rG

    it's nice to have a short contact way for reports, like in this MUC

  16. creep.im

    you can add me directly: a@creep.im. I'm not available all the time though

  17. Ge0rG

    yay! a captcha!

  18. creep.im

    it worked

  19. Martin

    creep.im:
    > you can add me directly: a@creep.im. I'm not available all the time though
    I got spammed by your captchas 😄

  20. Martin

    But I also sent you emails.

  21. creep.im

    Martin: since we are at it right now, I think it's a good thing to connect now. you have only to solve captcha once

  22. Martin

    I solved it at least three times and got still spammed by captcha requests. 🤔

  23. Martin

    https://files.mdosch.de:5281/upload/D0A-Awp2wqJC8Dnv/Screenshot_20201011-141025_Conversations.png

  24. creep.im

    well, we just connected with Ge0rG just fine right now

  25. creep.im

    Martin: you can send me your JID privately and I will add you myself first, this should work

  26. Martin

    Wouldn't work, as creep.im is on the blocklist now.

  27. creep.im

    🙂

  28. Martin

    But it's the same as my email martin@mdosch.de

  29. creep.im

    good to know 😅

  30. creep.im

    but yeah, you can always drop me messages via email

  31. Martin

    Did my emails to a arrive? I didn't get any error bounce so I assume they did.

  32. creep.im

    yes, I can see your emails

  33. Martin

    I think I reported two or three times spammers and one time complained about the captcha spamming (see screenshot I shared earlier) which really pissed me off. 😂

  34. Martin really dislikes mod_block_strangers

  35. creep.im

    the only action I can take is to block this one spammer JID you mentioned in your fourth email

  36. Martin

    fweslty@creep.im (1. Email) lifelockt@creep.im (2. Email), Complaint about captcha spamming (3. Email). I don't see a fourth email in my sent folder. :-/

  37. creep.im

    it's actually third. I see your first email was not specifically to me, but to the Operators list

  38. creep.im

    it's actually third. I see that your first email was not specifically to me, but to the Operators list

  39. creep.im

    it's actually third. I see that your first email was not addressed specifically to me, but to the Operators list

  40. creep.im

    lifelockt is banned now

  41. Martin

    Thanks :)

  42. Martin

    creep.im: As my server has not yet fetched the updated blocklist I tried again. I successfully filled the captcha but I get
    > 26.11.20 15:23:12 ! Error from a@creep.im: Messages from strangers are rejected

  43. Martin

    https://files.mdosch.de:5281/upload/ND6UJqwDp-2ONS7d/2020-11-26-152446_scrot.png

  44. creep.im

    I can see your request

  45. creep.im

    added you back

  46. alpha_dead

    hello guys, I'm trying to understand if my router is the culprit for my ejabberd server not to be available in my LAN when not specifying the local IP in the client as the host. Some of you were suspecting a hair-pinning issue with my consumer router, so as suggested I used tcpdump on port 5222 and tried to connect. I was supposed to check if the local IP would be issued instead of the external IP by the client. I have a log now, but I'm not really sure. I get the external IP most of the time, the local appeared here and there but it's really not predominant. So I'm confused now.. do I have a hair-pinning problem?

  47. alpha_dead

    I tried to specify the LAN IP of the server in the client and sniffed the packets with tcpdump, now I only get the LAN IP of my xmpp client, and the client does connect to ejabberd, while I get the "Server not found" error in Conversations if I leave the host unspecified. Could it be a DNS issue?

  48. mjk

    alpha_dead: did you limit tcpdump to only incoming packets? I'm not an expert, but `tcpdump -n#Q in` gives me lines like the following one when I connect to a local http server from the same network, using the router's public addr: `38 17:36:41.014306 IP 192.168.0.1.40401 > 192.168.0.42.443: Flags …` (Where 192.168.0.1 is the router's internal addr, and 192.168.0.42 is server's) And the server's logs confirm a connection from 192.168.0.1:40401. Needless to say, everything works.

  49. mjk

    That is, I don't see the router's external address anywhere at all

  50. mjk

    You should probably disable 5222 forwarding for the time of testing, so there would be no noise

  51. mjk

    You should probably disable 5222 forwarding for the time of testing, so there would be no noise from actual external connections

  52. Licaon_Kter

    mjk: umm, maybe not a good idea, since you connect to domain:5222

  53. Licaon_Kter

    alpha_dead: you already tried to search "my router model nat" ?

  54. mjk

    Licaon_Kter: Oh yeah, that could introduce false negatives

  55. alpha_dead

    Licaon_Kter, I have a NAT/PAT section in my router advanced panel, that's where I do the port-forwarding though

  56. alpha_dead

    I'm trying with mjk's filter with tcpdump now

  57. alpha_dead

    mjk, by using your filter I get the same output, external IP:random port > external IP:5222

  58. alpha_dead

    from time to time I get the pattern external IP:random port > local IP:5222, but only here and there

  59. alpha_dead

    I couldn't set up proper SRV records due to Webmin limitations, I'm waiting for the company to write them properly, now I'm using the xmpp.domain.tld in my client to connect from outside of the network. I can connect with no issue but I plan on fixing it. I'm wondering if this might cause problems locally

  60. alpha_dead

    Licaon_Kter, maybe you were suggesting something more, I'll research the exact model. It's a consumer HUAWEI router, nothing enterprise-grade

  61. alpha_dead

    SAGEMCOM

  62. alpha_dead

    Oops

  63. alpha_dead

    Not a HUAWEI, I'm sorry. I got confused, it's a Sagemcom

  64. mjk

    > external IP:random port > external IP:5222
    Wait wat. Just to make sure: you run tcpdump on the server machine, and the server machine ≠ router, right?

  65. mjk

    If that's the case, then it seems something really is wrong with the router

  66. mjk

    alpha_dead: I remember you saying it's rented, so not sure if your ISP would allow flashing a decent firmware (openwrt, dd-wrt...)

  67. bastoon

    alpha_dead: do you have the same behavior with an HTTP server? I'd advise focusing on testing with such a simpler protocol to check NAT on a non standard (80,443) port.

  68. alpha_dead

    bastoon, I might indeed test with an http server to make sure, also.. I could host a Converse.js instance

  69. bastoon

    Yes that would push away the dns SRV and TLS issues. Use only http and not https. For your router perform all tests (http and XMPPs) without any "firewall", "syn flood" enabled broken features.

  70. bastoon

    Always reboot router after each router configuration modification.

  71. alpha_dead

    bastoon, then I will use a non-standard port for an apache2 website, that's the daemon I have at hand

  72. bastoon

    👍 Try the inside / outside network case with http://blabla:port