XMPP Service Operators - 2020-12-14

  1. qnix has left
  2. qnix has joined
  3. qnix has left
  4. derventio has left
  5. Arne has left
  6. arne-bruen has left
  7. arne-bruen has joined
  8. Arne has joined
  9. qnix has joined
  10. jayteeuk has left
  11. jayteeuk has joined
  12. jayteeuk has left
  13. jayteeuk has joined
  14. steven has left
  15. qnix has left
  16. qnix has joined
  17. qnix has left
  18. Arne has left
  19. arne-bruen has left
  20. arne-bruen has joined
  21. Arne has joined
  22. derventio has joined
  23. qnix has joined
  24. Kris has left
  25. presprout has joined
  26. jayteeuk has left
  27. jayteeuk has joined
  28. jayteeuk has left
  29. jayteeuk has joined
  30. derventio has left
  31. raghavgururajan has left
  32. raghavgururajan has joined
  33. stvn has left
  34. jayteeuk has left
  35. jayteeuk has joined
  36. patasca has joined
  37. jayteeuk has left
  38. jayteeuk has joined
  39. qnix has left
  40. qnix has joined
  41. stvn has joined
  42. patasca has left
  43. patasca has joined
  44. argon3771 has left
  45. argon3771 has joined
  46. alacer has left
  47. Ge0rG has left
  48. frog has joined
  49. patasca has left
  50. Ellenor Malik has left
  51. Ellenor Malik has joined
  52. Holly Lotor has joined
  53. alacer has joined
  54. patasca has joined
  55. loopboom has left
  56. stvn has left
  57. stvn has joined
  58. raghavgururajan has left
  59. raghavgururajan has joined
  60. neox has left
  61. loopboom has joined
  62. frog has left
  63. Ellenor Malik has left
  64. Ellenor Malik has joined
  65. Ellenor Malik has left
  66. Ellenor Malik has joined
  67. jayteeuk has left
  68. jayteeuk has joined
  69. jayteeuk has left
  70. jayteeuk has joined
  71. patasca has left
  72. stvn has left
  73. Ellenor Malik has left
  74. Ellenor Malik has joined
  75. Bjarkan has left
  76. Bjarkan has joined
  77. stvn has joined
  78. Ellenor Malik oh god
  79. Ellenor Malik can someone help me diagnose a correct-password unauthorized problem?
  80. stvn has left
  81. stvn has joined
  82. Steven Roose has left
  83. sol has left
  84. Ellenor Malik has left
  85. pod has joined
  86. Ellenor Malik has joined
  87. pintosesk has left
  88. stefan has joined
  89. wladmis has left
  90. loopboom has left
  91. ibikk has joined
  92. kusoneko has left
  93. kusoneko has joined
  94. Huxx has joined
  95. Menel has joined
  96. lorddavidiii has joined
  97. some1 has joined
  98. Douglas Terabyte has left
  99. Douglas Terabyte has joined
  100. stvn has left
  101. ru_maniac has left
  102. Licaon_Kter has joined
  103. openchat has joined
  104. TMakarios has left
  105. TMakarios has joined
  106. ru_maniac has joined
  107. sol has joined
  108. stvn has joined
  109. jayteeuk has left
  110. jayteeuk has joined
  111. jayteeuk has left
  112. jayteeuk has joined
  113. some1 has left
  114. some1 has joined
  115. nickomemo has left
  116. nickomemo has joined
  117. nickomemo has left
  118. derventio has joined
  119. openchat has left
  120. openchat has joined
  121. jayteeuk has left
  122. jayteeuk has joined
  123. Martin has left
  124. Martin has joined
  125. jayteeuk has left
  126. jayteeuk has joined
  127. jayteeuk has left
  128. jayteeuk has joined
  129. lorddavidiii has left
  130. raghavgururajan has left
  131. mjk has joined
  132. openchat has left
  133. j.r (jugendhacker.de) has left
  134. j.r (jugendhacker.de) has joined
  135. guus.der.kinderen has left
  136. Menel has left
  137. 404.city has joined
  138. 404.city has left
  139. lorddavidiii has joined
  140. jayteeuk has left
  141. jayteeuk has joined
  142. frog has joined
  143. derventio has left
  144. derventio has joined
  145. mehdi has left
  146. stvn has left
  147. Ge0rG has joined
  148. j.r (jugendhacker.de) has left
  149. stvn has joined
  150. j.r (jugendhacker.de) has joined
  151. junaid has left
  152. 86ul has joined
  153. junaid has joined
  154. rom1dep has joined
  155. henrik has joined
  156. jayteeuk has left
  157. jayteeuk has joined
  158. jayteeuk has left
  159. jayteeuk has joined
  160. Steven Roose has joined
  161. abidal3 has joined
  162. junaid has left
  163. junaid has joined
  164. madmalkav has joined
  165. j.r (jugendhacker.de) has left
  166. jayteeuk has left
  167. jayteeuk has joined
  168. nickomemo has joined
  169. creep.im has left
  170. creep.im has joined
  171. j.r (jugendhacker.de) has joined
  172. rom1dep has left
  173. qnix has left
  174. qnix has joined
  175. stvn has left
  176. xi has left
  177. jayteeuk has left
  178. jayteeuk has joined
  179. Ellenor Malik has left
  180. Ellenor Malik has joined
  181. stvn has joined
  182. jayteeuk has left
  183. jayteeuk has joined
  184. Viktor Lindberg has left
  185. Viktor Lindberg has joined
  186. jayteeuk has left
  187. jayteeuk has joined
  188. neox has joined
  189. qnix has left
  190. stvn has left
  191. abidal3 has left
  192. jayteeuk has left
  193. jayteeuk has joined
  194. stvn has joined
  195. jayteeuk has left
  196. jayteeuk has joined
  197. ajeremias has joined
  198. ntuseracc has joined
  199. lorddavidiii has left
  200. stvn has left
  201. stvn has joined
  202. Menel has joined
  203. qnix has joined
  204. derventio has left
  205. qnix has left
  206. ajeremias has left
  207. lorddavidiii has joined
  208. qnix has joined
  209. stvn has left
  210. stvn has joined
  211. pintosesk has joined
  212. qnix has left
  213. stvn has left
  214. patasca has joined
  215. mehdi has joined
  216. qnix has joined
  217. qnix has left
  218. jayteeuk has left
  219. jayteeuk has joined
  220. jayteeuk has left
  221. jayteeuk has joined
  222. loopboom has joined
  223. stefan has left
  224. loopboom has left
  225. loopboom has joined
  226. stefan has joined
  227. stvn has joined
  228. some1 has left
  229. patasca has left
  230. stvn has left
  231. presprout has left
  232. loopboom has left
  233. patasca has joined
  234. qnix has joined
  235. inky has left
  236. mss_cyclist has left
  237. mss_cyclist has joined
  238. stvn has joined
  239. frog has left
  240. some1 has joined
  241. Kris has joined
  242. patasca has left
  243. mehdi has left
  244. Menel has left
  245. nickomemo has left
  246. Viktor Lindberg has left
  247. Viktor Lindberg has joined
  248. frog has joined
  249. lorddavidiii has left
  250. steven has joined
  251. mimi89999 https://is.gd/SyJF9o
  252. mimi89999 Is that the Jabber spam service?
  253. mimi89999 BTW, got spam from `intercoracoid@404.city`.
  254. some1 has left
  255. mimi89999 real and rare
  256. Ge0rG mimi89999: that's a jabber spam service indeed
  257. ntuseracc has left
  258. mimi89999 Can the operators of those servers remove their accounts or we block their servers?
  259. mimi89999 Who is the admin of 404 city?
  260. Ge0rG he's often here as 404city
  261. Beherit has left
  262. mimi89999 I'm flooded with spam from that server now.
  263. mimi89999 Like one message every 10 sec
  264. Beherit has joined
  265. Ge0rG mimi89999: from the same account or from different ones?
  266. patasca has joined
  267. mimi89999 Where is he?
  268. mimi89999 Same
  269. Ge0rG mimi89999: I've pinged the admin now
  270. tom Yes there's a channel
  271. tom A process
  272. tom You have to give them some time to proccess the abuse request though before they get in a blocklist
  273. mimi89999 OK. Can you link the channel/form/whatever?
  274. kikuchiyo has left
  275. tom What's that private spamfighting muc on yax.im again?
  276. tom I got an invite ounce but forgot about it
  277. some1 has joined
  278. lorddavidiii has joined
  279. Ge0rG it doesn't exist any more
  280. tom mimi89999: https://github.com/JabberSPAM
  281. mimi89999 How to quickly block a JID server level?
  282. tom With mod_firewall
  283. tom Or for a specific account
  284. tom https://xmpp.org/extensions/xep-0191.html
  285. antranigv has joined
  286. some1 has left
  287. some1 has joined
  288. ajeremias has joined
  289. frog has left
  290. mimi89999 has left
  291. patasca has left
  292. patasca has joined
  293. mimi89999 has joined
  294. kikuchiyo has joined
  295. kikuchiyo has left
  296. patasca has left
  297. patasca has joined
  298. some1 has left
  299. stvn has left
  300. stvn has joined
  301. some1 has joined
  302. kikuchiyo has joined
  303. kikuchiyo has left
  304. lorddavidiii has left
  305. kikuchiyo has joined
  306. kikuchiyo has left
  307. raghavgururajan has joined
  308. raghavgururajan has left
  309. raghavgururajan has joined
  310. kikuchiyo has joined
  311. kikuchiyo has left
  312. kikuchiyo has joined
  313. kikuchiyo has left
  314. kikuchiyo has joined
  315. kikuchiyo has left
  316. some1 has left
  317. netbk.de has left
  318. Ge0rG has left
  319. patasca has left
  320. patasca has joined
  321. jayteeuk has left
  322. jayteeuk has joined
  323. jayteeuk has left
  324. steven has left
  325. jayteeuk has joined
  326. raghavgururajan has left
  327. raghavgururajan has joined
  328. lorddavidiii has joined
  329. some1 has joined
  330. Ge0rG has joined
  331. stvn has left
  332. steven has joined
  333. stvn has joined
  334. some1 has left
  335. some1 has joined
  336. kikuchiyo has joined
  337. kikuchiyo has left
  338. jayteeuk has left
  339. jayteeuk has joined
  340. xi has joined
  341. jayteeuk has left
  342. jayteeuk has joined
  343. kikuchiyo has joined
  344. kikuchiyo has left
  345. jayteeuk has left
  346. jayteeuk has joined
  347. patasca has left
  348. patasca has joined
  349. some1 has left
  350. inky has joined
  351. patasca has left
  352. patasca has joined
  353. kikuchiyo has joined
  354. kikuchiyo has left
  355. rom1dep has joined
  356. kikuchiyo has joined
  357. kikuchiyo has left
  358. kikuchiyo has joined
  359. kikuchiyo has left
  360. some1 has joined
  361. some1 has left
  362. kikuchiyo has joined
  363. kikuchiyo has left
  364. sol has left
  365. sol has joined
  366. patasca has left
  367. patasca has joined
  368. rom1dep has left
  369. frog has joined
  370. kikuchiyo has joined
  371. kikuchiyo has left
  372. kikuchiyo has joined
  373. kikuchiyo has left
  374. some1 has joined
  375. kikuchiyo has joined
  376. kikuchiyo has left
  377. perflyst has joined
  378. guus.der.kinderen has joined
  379. kikuchiyo has joined
  380. kikuchiyo has left
  381. kikuchiyo has joined
  382. kikuchiyo has left
  383. ajeremias has left
  384. alien has left
  385. alien has joined
  386. guus.der.kinderen has left
  387. kikuchiyo has joined
  388. kikuchiyo has left
  389. lorddavidiii has left
  390. lorddavidiii has joined
  391. wladmis has joined
  392. kikuchiyo has joined
  393. kikuchiyo has left
  394. ntuseracc has joined
  395. kikuchiyo has joined
  396. kikuchiyo has left
  397. perflyst has left
  398. patasca has left
  399. patasca has joined
  400. rom1dep has joined
  401. some1 has left
  402. kikuchiyo has joined
  403. kikuchiyo has left
  404. jayteeuk has left
  405. jayteeuk has joined
  406. frog has left
  407. kikuchiyo has joined
  408. kikuchiyo has left
  409. qnix has left
  410. qnix has joined
  411. kikuchiyo has joined
  412. kikuchiyo has left
  413. kikuchiyo has joined
  414. kikuchiyo has left
  415. kikuchiyo has joined
  416. kikuchiyo has left
  417. Viktor Lindberg has left
  418. Viktor Lindberg has joined
  419. patasca has left
  420. patasca has joined
  421. kikuchiyo has joined
  422. Menel has joined
  423. kikuchiyo has left
  424. rom1dep has left
  425. kikuchiyo has joined
  426. kikuchiyo has left
  427. lorddavidiii has left
  428. lorddavidiii has joined
  429. patasca has left
  430. patasca has joined
  431. kikuchiyo has joined
  432. kikuchiyo has left
  433. henrik has left
  434. kikuchiyo has joined
  435. kikuchiyo has left
  436. nickomemo has joined
  437. lorddavidiii has left
  438. henrik has joined
  439. kikuchiyo has joined
  440. kikuchiyo has left
  441. kikuchiyo has joined
  442. kikuchiyo has left
  443. kikuchiyo has joined
  444. kikuchiyo has left
  445. bastoon > mimi89999: https://github.com/JabberSPAM Should it rather contain only registered domain names (to ICANN registrars) and not sub-domains? This might break implementations if you change the format in a hurry (and that probably will one day).
  446. kikuchiyo has joined
  447. kikuchiyo has left
  448. henrik has left
  449. henrik has joined
  450. Jonny has left
  451. bastoon > mimi89999: https://github.com/JabberSPAM Shouldn't it rather contain only registered domain names (to ICANN registrars) and not sub-domains? This might break implementations if you change the format in a hurry (and that probably will one day).
  452. Jonny has joined
  453. qnix has left
  454. mss_cyclist has left
  455. mss_cyclist has joined
  456. bastoon > mimi89999: https://github.com/JabberSPAM Why this list contains FQDNs. IMO no need for sub-domains, and only disavantages. Then if format is changed in a hurry, this may break current implementation (and that probably will one day).
  457. patasca has left
  458. bastoon > mimi89999: https://github.com/JabberSPAM Why do this list contain FQDNs. IMO no need for sub-domains, only cons. Then if format is changed in a hurry, this may break current implementation (and that probably will one day).
  459. Martin bastoon: Because some xmppds are served on a subdomain.
  460. kikuchiyo has joined
  461. kikuchiyo has left
  462. qnix has joined
  463. bastoon Martin: I'm sure spammers will exploit the possibility to infinite subs. Then don't think you'll ever have to consider multiple (sub) servers per names, one being ok, the other one spammer.
  464. pintosesk has left
  465. bastoon Martin: I'm sure spammers will exploit the possibility to infinite subs. Then I don't think you'll ever have to consider multiple (sub) servers per names, one being ok, the other one spammer.
  466. kikuchiyo has joined
  467. kikuchiyo has left
  468. bastoon Martin: I'm quite sure spammers will exploit the possibility to infinite subs. Then I don't think you'll ever have to consider multiple (sub) servers per names, one being ok, the other one spammer.
  469. bastoon Martin: I'm quite sure spammers will exploit the possibility of infinite subs. Then I don't think you'll ever have to consider multiple (sub) servers per names, one being ok, the other one spammer.
  470. kikuchiyo has joined
  471. kikuchiyo has left
  472. Martin Spammers usually use unmaintained servers with IBR and do not fire up own servers.
  473. Martin Also there is this case: Befor I was running my xmppd on a shared hoster. If I would not have used my own domain it would have been running at user.tucana.uberspace.de. So if I spam why should the innocent xmppd another-user.tucana.uberspace.de also be blocked?
  474. ajeremias has joined
  475. bastoon Because he could fire you from using his domain before being considered as spammer. Just thought it would be simpler, lighter and more robust against spammer, but surely bad sides to investigate / accommodate.
  476. kikuchiyo has joined
  477. kikuchiyo has left
  478. lorddavidiii has joined
  479. kikuchiyo has joined
  480. kikuchiyo has left
  481. kikuchiyo has joined
  482. kikuchiyo has left
  483. Menel has left
  484. Menel has joined
  485. kikuchiyo has joined
  486. kikuchiyo has left
  487. kikuchiyo has joined
  488. patasca has joined
  489. belove has left
  490. Ivan A. has left
  491. ntuseracc has left
  492. ntuseracc has joined
  493. ntuseracc has left
  494. frog has joined
  495. ntuseracc has joined
  496. patasca has left
  497. patasca has joined
  498. Martin > Because he could fire you from using his domain before being considered as spammer. I don't understand this.
  499. Maranda has left
  500. Beherit has left
  501. Maranda has joined
  502. nickomemo has left
  503. Beherit has joined
  504. 86ul has left
  505. stvn has left
  506. patasca has left
  507. arne-bruen has left
  508. kikuchiyo has left
  509. jayteeuk has left
  510. jayteeuk has joined
  511. stvn has joined
  512. 86ul has joined
  513. jayteeuk has left
  514. jayteeuk has joined
  515. frog has left
  516. qnix has left
  517. Arne has left
  518. kikuchiyo has joined
  519. kikuchiyo has left
  520. kahlb This list even blacklists creep.im, which is one of the more popular public servers (among the gajim Standard Servers). Not a good Idea I think, it might break xmpp
  521. raucao > it might break xmpp how so? it merely breaks creep.im if they don't get their spam users under control
  522. raucao that's what a federation is for
  523. creep.im creep.im is a known spam server
  524. qnix has joined
  525. raucao :)
  526. Martin kahlb: The issue was that the operator was not reachable on his 0157 contacts. You'll see the history in my MR.
  527. Martin Unfortunately we found him in here just after it got merged.
  528. bastoon > I don't understand this. From your example uberspace.de is still in control to allow/disallow a sub domains (on spam complaining).
  529. patasca has joined
  530. Martin Yes, that's why you should report spammers. But blocking all operators from one domain because one is spamming is not useful.
  531. ernst.on.tour has left
  532. ernst.on.tour has joined
  533. raucao Operators are free to choose
  534. Arne has joined
  535. arne-bruen has joined
  536. Ge0rG let's block all OVH and Hetzner then?
  537. kikuchiyo has joined
  538. kikuchiyo has left
  539. kikuchiyo has joined
  540. kikuchiyo has left
  541. kikuchiyo has joined
  542. kikuchiyo has left
  543. mathieui operators being unreachable while their server is used as a spam relay is a valid reason for inclusion in spam lists
  544. kikuchiyo has joined
  545. kikuchiyo has left
  546. kikuchiyo has joined
  547. kikuchiyo has left
  548. Ge0rG mathieui: how long should one wait to determine "unrechable"?
  549. mathieui Ge0rG, no available means of contact
  550. mathieui if one is available, I guess it’s up to you
  551. kikuchiyo has joined
  552. kikuchiyo has left
  553. raucao > let's block all OVH and Hetzner then? hetzner do actually block your server's network traffic if you spam their local network
  554. kikuchiyo has joined
  555. kikuchiyo has left
  556. Ge0rG raucao: but hetzner isn't using xmpp internally.
  557. raucao comparing someone using a hetzner server to spamming the outside network with the hetzner network itself makes no sense
  558. raucao the xmpp spam server is not a data center
  559. nickomemo has joined
  560. raucao it is a specific service running under a specific domain
  561. Ge0rG raucao: what's your point?
  562. raucao what is yours
  563. raucao your comparison was a non-sequitur
  564. jayteeuk has left
  565. jayteeuk has joined
  566. raucao > operators being unreachable while their server is used as a spam relay is a valid reason for inclusion in spam lists this is the point that some people seem to disagree with, and so far there were no valid arguments against it brought forward here
  567. kikuchiyo has joined
  568. jayteeuk has left
  569. kikuchiyo has left
  570. jayteeuk has joined
  571. qnix has left
  572. qnix has joined
  573. kikuchiyo has joined
  574. kikuchiyo has left
  575. Ge0rG raucao: my response was to the point about blocking all of uberspace if there are spammy servers on there.
  576. Arne do those spammers use some settings?
  577. kikuchiyo has joined
  578. kikuchiyo has left
  579. Arne like a special cipher for prosody
  580. kikuchiyo has joined
  581. kikuchiyo has left
  582. Arne or a deprecated maybe
  583. kikuchiyo has joined
  584. kikuchiyo has left
  585. Arne so we need to change all our settings ;D
  586. Ge0rG Arne: spammers register accounts on free servers.
  587. kikuchiyo has joined
  588. kikuchiyo has left
  589. Ge0rG Ah, it was strato who requested headers as evidence for the spam I reported.
  590. kikuchiyo has joined
  591. kikuchiyo has left
  592. bastoon > let's block all OVH and Hetzner then? OVH automatically forwards whois alias to real mails. I don't get this point. Moreover XEP (if generalized) make the process operator independent.
  593. nickomemo has left
  594. raucao > raucao: my response was to the point about blocking all of uberspace if there are spammy servers on there. sry, i didn't see that someone wanted to block all of uberspace
  595. raucao i thought it was in response to blocking creep.im
  596. raucao mea culpa
  597. Ge0rG bastoon: of the two reports I sent to OVH, one server got shot down, and for the other one I never heard back
  598. nickomemo has joined
  599. antranigv has left
  600. Ge0rG kode.im and im.koderoot.net are the #1 and #2 sources of spam for me for the last weeks.
  601. Ge0rG creep.im is #3. creep.im, wanna have a new list of JIDs to delete?
  602. creep.im shoot it. you have my JID
  603. Arne mh, maybe free inbandregistration is not really good xD
  604. mimi89999 BTW, are SPAM reports verified in any way?
  605. mimi89999 Ge0rG: Did 404 admin respond?
  606. Ge0rG mimi89999: haven't seen them online yet
  607. Ge0rG Arne: yes, you shouldn't do it if you don't want to be a full time anti-spam admin
  608. Arne I use my own webregistration combined with some other things
  609. Ge0rG mimi89999: how would you verify them? I always send logs to the ISP / server admin so they can match against their own logs
  610. antranigv has joined
  611. stvn has left
  612. creep.im I do IBR and I am only removing spam accounts by request
  613. creep.im it's not much work
  614. creep.im although this is meaningless: spammers easily create dozens of new accounts
  615. Ge0rG creep.im: it's only not much work if nobody reports ;)
  616. mimi89999 I used to get spam from creep.im, but I'm not getting anymore
  617. Ge0rG hundreds.
  618. kikuchiyo has joined
  619. kikuchiyo has left
  620. creep.im if you care about your users, the best bet to filter spam at the receiving side
  621. creep.im I told you guys like a million times
  622. nickomemo has left
  623. Ge0rG creep.im: you mean, each user must filter spam on their own?
  624. creep.im but for some reason you are afraid of captcha
  625. creep.im not user. server. there are plugins for that
  626. kikuchiyo has joined
  627. stefan has left
  628. Ge0rG captchas are bad for usability
  629. creep.im you only enter it once
  630. creep.im not a big deal for usability
  631. Ge0rG what if you can't read well?
  632. creep.im you want to create a walled garden without spammers, introducing your custom esoteric registration systems, but his is it different from WhatsApp? it's actually less usable than WhatsApp
  633. creep.im you want to create a walled garden without spammers, introducing your custom esoteric registration systems, but how is it different from WhatsApp? it's actually less usable than WhatsApp
  634. mjk Ge0rG, creep.im: audio captcha is a thing, too
  635. mimi89999 creep.im: So every time I want to contact a new new account I need to fill a captcha?
  636. Ge0rG mjk: but not in the typical xmpp captcha "solutions"
  637. Ge0rG creep.im: my server has IBR and no captchas
  638. creep.im you fight spammers, but spammers don't care. users are hurt instead
  639. Ge0rG same with captchas ;)
  640. mimi89999 Would be better to fill the captcha once.
  641. mimi89999 On registration
  642. creep.im Ge0rG: you have IBR with your custom esoteric filtration system, I heard about it
  643. mjk Ge0rG: > but not in the typical xmpp captcha "solutions" Unfortunately. I was nudging creep.im to think about it :)
  644. creep.im Ge0rG: now open source it and encourage everyone to use it
  645. Ge0rG creep.im: I'm doing RBL checks against dnsbl.dronebl.org with ready-made prosody modules
  646. stvn has joined
  647. creep.im write an article about it, I don't know. a lot of people have no idea how to approach this problem
  648. Ge0rG creep.im: https://yaxim.org/blog/2020/05/12/new-anti-spam-measures/
  649. stefan has joined
  650. Ge0rG oh, spammers are also solving recaptcha to register bot accounts.
  651. Licaon_Kter Ge0rG: > I'm doing RBL checks against dnsbl.dronebl.org with ready-made prosody modules That site is down?
  652. Ge0rG Licaon_Kter: https://dronebl.org/ - the other one is the RBL address
  653. argon3771 has left
  654. argon3771 has joined
  655. Licaon_Kter Oh
  656. creep.im > creep.im: https://yaxim.org/blog/2020/05/12/new-anti-spam-measures/ great job. someone will definitely find that helpful. although not privacy-oriented operators, who want to keep legitimate Proxy/Tor users using the service
  657. stvn has left
  658. Ge0rG creep.im: legitimate Tor users can connect via Tor, join the yaxim support MUC and ask to be unblocked.
  659. creep.im how do you distinguish if the user is legitimate?
  660. Ge0rG creep.im: I don't ask questions.
  661. creep.im also, there may be dozens of such requests
  662. creep.im on a day
  663. raucao why would you in the first place. if they spam, the account gets blocked
  664. raucao tor or not
  665. Ge0rG creep.im: I had a dozen of such requests since I made that policy
  666. Ge0rG creep.im: a spammer will register hundreds or thousands of accounts at the same time
  667. creep.im how many such requests you receive daily?
  668. Ge0rG creep.im: I had a dozen of such requests since I made that policy
  669. Ge0rG that's two per month
  670. jayteeuk has left
  671. jayteeuk has joined
  672. creep.im are there a lot of daily registrations?
  673. qnix has left
  674. creep.im proxied and regular
  675. jayteeuk has left
  676. jayteeuk has joined
  677. Ge0rG 100 - 500 per month
  678. Ge0rG I don't count the proxy registrations, I only count the ones that complain
  679. creep.im that's manageable
  680. qnix has joined
  681. stvn has joined
  682. Ge0rG I also have hundreds of bot registrations sometimes, so it's hard to tell for sure
  683. creep.im anyway, you are coming up with your own solutions to a common problem. there should be a universal ready made way of doing this. like a plugin, or a built-in fictionally right in the server(s). manual process is a no go, especially for one-man server operations
  684. Licaon_Kter creep.im: redo everything on Prosody then, easy :)
  685. Ge0rG creep.im: I've documented my way and made the tools accessible. Somebody else needs to do the same for ejabberd.
  686. creep.im Licaon_Kter: it'll still not be automated
  687. Ge0rG creep.im: spammers will circumvent automated systems
  688. creep.im somehow I didn't get a single spam message in months...
  689. creep.im a lot of accounts add me daily
  690. creep.im I guess miss of them are spammers
  691. abidal3 has joined
  692. Ge0rG I had to solve a captcha before reporting spam to you :P
  693. creep.im yes, this is how it works
  694. creep.im my point is that it is automated and it works
  695. Ge0rG it's automated for you, not for the people who want to talk to you
  696. Ge0rG well, maybe for the spammers who can just buy captchas for 5$/1000
  697. creep.im still, seems like they're not doing that
  698. creep.im I guess they just spam another servers
  699. creep.im I guess they just spam other servers
  700. Ge0rG creep.im: I know that spammers are buying into IBR captchas, because you buy one, and send thousans of spam messages
  701. Beherit has left
  702. Beherit has joined
  703. creep.im IBR captchas... maybe. but to be able to actually send messages, you have to solve another captcha, also you have to be added by the other party as well
  704. creep.im only then you are free to chat
  705. nickomemo has joined
  706. creep.im anyway, this is rather a temporary measure until the real solution will be available
  707. Ge0rG the real solution: people who don't click on spam
  708. creep.im "temporary" could mean for next few years...
  709. kusoneko has left
  710. kusoneko has joined
  711. Licaon_Kter We are well beyond years already
  712. kusoneko has left
  713. kusoneko has joined
  714. lorddavidiii has left
  715. patasca has left
  716. lorddavidiii has joined
  717. patasca has joined
  718. ajeremias has left
  719. jayteeuk has left
  720. jayteeuk has joined
  721. kusoneko has left
  722. kusoneko has joined
  723. kusoneko has left
  724. kusoneko has joined
  725. jayteeuk has left
  726. jayteeuk has joined
  727. kusoneko has left
  728. kusoneko has joined
  729. kusoneko has left
  730. kusoneko has joined
  731. patasca has left
  732. patasca has joined
  733. kusoneko has left
  734. kusoneko has joined
  735. Martin The captcha spam was the reason I could not contact creep.im
  736. Martin I got spammed with requests to fill a captcha and did so several times. Still my messages didn't get through. That was pretty annoying and I had to block him to make his server spam me with captcha requests. That's why I contacted him t
  737. Martin I got spammed with requests to fill a captcha and did so several times. Still my messages didn't get through. That was pretty annoying and I had to block him to make his server spam me with captcha requests. That's why I tried to contact him via email.
  738. patasca has left
  739. creep.im I didn't add you back immediately, that's why you've been "spammed" by captcha
  740. creep.im better to spam sender with captcha, then the other way around, right?
  741. patasca has joined
  742. seantodd has left
  743. patasca has left
  744. patasca has joined
  745. Martin Captchas are just the most annoying UX in spam fighting.
  746. Martin Those block stranger modules break XMPP.
  747. seantodd has joined
  748. belong has left
  749. xi has left
  750. xi has joined
  751. belong has joined
  752. mjk Could the invite-only model be the ultimate solution? If, by chance, a rare spammer is invited and then invites a horde of other spammers, the whole sub-tree of accounts can be efficiently truncated manually
  753. mjk That, of course, requires storing the data on who invited whom
  754. arne-bruen has left
  755. qnix has left
  756. mjk That is, basically, a social graph. A nutritious, concentrated, morsel of user data...
  757. mjk Ugh.
  758. steven has left
  759. belong has left
  760. arne-bruen has joined
  761. stvn has left
  762. stvn has joined
  763. belong has joined
  764. Martin Invitations are nice for family and friends servers but not for public ones.
  765. mehdi has joined
  766. raucao we have closed regs and just started with invitations. but not public yet
  767. raucao in the future we're adding lightning network payments for signups
  768. raucao that way a spammer would have to pay for their account first. that makes it both harder to automate it as well as introduces a cost
  769. raucao i think users inviting other users is generally a good idea
  770. raucao obviously having to donate/pay upfront introduces friction, but then again pretty much any effective anti-spam mesure does
  771. raucao s/mesure/measure
  772. junaid > better to spam sender with captcha, then the other way around, right? creep.im: hence why you dont get many spam complaints. Maybe operators choose to block the domain instead?
  773. raucao i think there are also many other ways to have semi-open signups where it's difficult to create many accounts and also easier to shut spammers down
  774. ntuseracc has left
  775. Martin The RBL approach seems to work well for Ge0rG in reducing spam bots on yax.im.
  776. stvn has left
  777. stvn has joined
  778. mathieui the RBL approach prevents 99.99% of automated IBR registrations
  779. Steven Roose has left
  780. Steven Roose has joined
  781. patasca has left
  782. patasca has joined
  783. bastoon Or use bitcoin approach to discourage spammers: let the user waste cpu power at registration.
  784. bastoon Or use bitcoin approach to discourage spammers: let the user waste cpu power at registration. But indeed spammer will waste *others* cpu for their benefit ;-)
  785. bastoon Or use bitcoin approach to discourage spammers: let the user waste cpu power at registration. But indeed spammers will try to waste your cpu for their benefit ;-)
  786. bastoon Or use bitcoin approach to discourage spammers: let the user waste cpu power at registration.
  787. mjk > But indeed spammers will try to waste your cpu for their benefit ;-) Yeah, botnets are totally immune to proof-of-work-based filtering. Actual payments, though...
  788. j.r (jugendhacker.de) has left
  789. lorddavidiii has left
  790. lorddavidiii has joined
  791. raucao Exactly
  792. j.r (jugendhacker.de) has joined
  793. Beherit has left
  794. vu764hd68fxt has joined
  795. Beherit has joined
  796. frog has joined
  797. qnix has joined
  798. pintosesk has joined
  799. ij has left
  800. patasca has left
  801. patasca has joined
  802. ernst.on.tour has left
  803. ij has joined
  804. ernst.on.tour has joined
  805. openchat has joined
  806. stvn has left
  807. ibikk has left
  808. lorddavidiii has left
  809. jayteeuk has left
  810. jayteeuk has joined
  811. jayteeuk has left
  812. jayteeuk has joined
  813. stvn has joined
  814. mehdi has left
  815. cuc has joined
  816. thndrbvr has left
  817. thndrbvr has joined
  818. patasca has left
  819. patasca has joined
  820. lorddavidiii has joined
  821. patasca has left
  822. patasca has joined
  823. Beherit has left
  824. Beherit has joined
  825. stefan has left
  826. patasca has left
  827. patasca has joined
  828. stvn has left
  829. Kris has left
  830. 86ul has left
  831. tom bastoon: that doesnt work because you need to mine a whole block to get a payout
  832. bastoon I'm not talking about Bitcoin directly but proof of work related challenge. So can be adapted to every situation.
  833. Beherit has left
  834. bastoon I was just talking about Bitcoin related principle (rather said proof-of-work). So can be adapted to every situation.
  835. bastoon I was just talking about Bitcoin related principle (rather said proof-of-work). So can be adapted to every situation. Ex challenge: find a hash which verify sha-256(JID + random block) < X With X given by server.
  836. bastoon I was just talking about Bitcoin related principle (rather said proof-of-work). So can be adapted to every situation. Ex challenge: find X which verify sha-256(JID + random X < Y With Y given by server.
  837. bastoon I was just talking about Bitcoin related principle (rather said proof-of-work). So can be adapted to every situation. Ex challenge: find X which verify sha-256(JID + random X) < Y With Y given by server.
  838. stvn has joined
  839. tom bastoon:
  840. tom All this digital methods are not very effective or degrade accessibility in my opinion
  841. tom And even then
  842. tom Well
  843. mehdi has joined
  844. tom It's just a matter of how much of a skid the spammer is
  845. tom Here's a recommendation and I want to give this to the creep.im admin too
  846. perflyst has joined
  847. tom In the old days when we wanted to registered for an account on the shared UNIX system we shelled in (can be a special ssh user like registration@yourdomain.tld) and that user was redirected to a terminal forum program
  848. stvn has left
  849. patasca has left
  850. patasca has joined
  851. tom You entered the username and other detailed you wanted then you were given a code
  852. tom In order to activate your account all you had to do was mail a postcard to the sysadmin with that code written on it
  853. tom You can still anonymously mail letters so this doesn't hurt anonymity
  854. tom And you can mail letters from anywhere in the world
  855. tom Postcards are universal
  856. tom It also gives you an opportunity to build a collage and a better sense of community
  857. tom When you receive the postcard you just type it into your server to lookup the reg details and activate the account
  858. tom If you don't get a poscard in 30 days for a code you purge the reg info
  859. tom Most spammers don't bother when the turing test is in meatspace and costs actual money
  860. Viktor Lindberg has left
  861. tom Not much mind you postage and a postcard are only a few cents even worldwide postage
  862. jayteeuk has left
  863. jayteeuk has joined
  864. jonas’ doesn’t scale though
  865. tom Anybody can afford to send a postcard
  866. jonas’ imagines handling 1k postcards / day
  867. jonas’ or even per week
  868. Ellenor Malik :O
  869. jonas’ or month
  870. jayteeuk has left
  871. jayteeuk has joined
  872. tom jonas’: i doubt that many reges are legit and if your that scale then geeze you would be replacing bigtech and FAANGs
  873. tom But
  874. tom If you were
  875. tom Just replace the postcard with a printable form and buy a SCANTRON machine
  876. tom The same kind of machine they use for standardized tests
  877. jonas’ SCANTRON :D
  878. raucao > bastoon: that doesnt work because you need to mine a whole block to get a payout That's what lightning network is for
  879. raucao Instant cobfirmation, virtually no fee
  880. tom This things scale up to nationwide elections
  881. raucao Extra bonus with LN is that you could block a spammer's LN node, too
  882. stvn has joined
  883. pintosesk has left
  884. tom https://www.ebay.com/sch/i.html?_from=R40&_trksid=m570.l1313&_nkw=scantron&_sacat=0
  885. Beherit has joined
  886. stpeter has joined
  887. steven has joined
  888. patasca has left
  889. patasca has joined
  890. tom jonas’: you really get over 1k legit reges a day?
  891. stvn has left
  892. stvn has joined
  893. Jonny has left
  894. Jonny has joined
  895. Viktor Lindberg has joined
  896. jonas’ has left
  897. jonas’ has joined
  898. jonas’ tom, no, I don’t run a public server
  899. joerg has left
  900. joerg has joined
  901. Arne has left
  902. arne-bruen has left
  903. Arne has joined
  904. arne-bruen has joined
  905. nickomemo has left
  906. Lily has left
  907. Kris has joined
  908. Lily has joined
  909. ibikk has joined
  910. kusoneko has left
  911. stpeter has left
  912. stvn has left
  913. serge90 has left
  914. serge90 has joined
  915. stpeter has joined
  916. raghavgururajan has left
  917. jayteeuk has left
  918. jayteeuk has joined
  919. jayteeuk has left
  920. jayteeuk has joined
  921. ernst.on.tour has left
  922. ernst.on.tour has joined
  923. stvn has joined
  924. raghavgururajan has joined
  925. patasca has left
  926. stvn has left
  927. kusoneko has joined
  928. openchat has left
  929. ibikk has left
  930. jayteeuk has left
  931. jayteeuk has joined
  932. stvn has joined
  933. ij has left
  934. ij has joined
  935. joerg has left
  936. joerg has joined
  937. openchat has joined
  938. pintosesk has joined
  939. pod has left
  940. cuc has left
  941. lorddavidiii has left
  942. David has left
  943. David has joined
  944. lorddavidiii has joined
  945. ajeremias has joined
  946. j.r (jugendhacker.de) has left
  947. j.r (jugendhacker.de) has joined
  948. lorddavidiii has left
  949. lorddavidiii has joined
  950. loopboom has joined
  951. frog has left
  952. raghavgururajan has left
  953. kikuchiyo has left
  954. Huxx has left
  955. Jonny has left
  956. ij has left
  957. ij has joined
  958. stvn has left
  959. steven has left
  960. sol has left
  961. loopboom has left
  962. argon3771 has left
  963. argon3771 has joined
  964. pod has joined
  965. kikuchiyo has joined
  966. Menel has left
  967. ajeremias has left
  968. patasca has joined
  969. lorddavidiii has left
  970. lorddavidiii has joined
  971. perflyst has left
  972. jayteeuk has left
  973. jayteeuk has joined
  974. patasca has left
  975. patasca has joined
  976. jayteeuk has left
  977. jayteeuk has joined
  978. pod has left
  979. Douglas Terabyte has left
  980. sol has joined
  981. patasca has left
  982. patasca has joined
  983. lorddavidiii has left
  984. openchat has left
  985. openchat has joined
  986. raghavgururajan has joined
  987. openchat has left
  988. mjk has left
  989. Licaon_Kter has left
  990. mjk has joined
  991. raghavgururajan has left
  992. stvn has joined
  993. Douglas Terabyte has joined
  994. Bjarkan has left
  995. patasca has left
  996. patasca has joined
  997. Bjarkan has joined