XMPP Service Operators - 2020-12-14


  1. qnix has left

  2. qnix has joined

  3. qnix has left

  4. derventio has left

  5. Arne has left

  6. arne-bruen has left

  7. arne-bruen has joined

  8. Arne has joined

  9. qnix has joined

  10. jayteeuk has left

  11. jayteeuk has joined

  12. jayteeuk has left

  13. jayteeuk has joined

  14. steven has left

  15. qnix has left

  16. qnix has joined

  17. qnix has left

  18. Arne has left

  19. arne-bruen has left

  20. arne-bruen has joined

  21. Arne has joined

  22. derventio has joined

  23. qnix has joined

  24. Kris has left

  25. presprout has joined

  26. jayteeuk has left

  27. jayteeuk has joined

  28. jayteeuk has left

  29. jayteeuk has joined

  30. derventio has left

  31. raghavgururajan has left

  32. raghavgururajan has joined

  33. stvn has left

  34. jayteeuk has left

  35. jayteeuk has joined

  36. patasca has joined

  37. jayteeuk has left

  38. jayteeuk has joined

  39. qnix has left

  40. qnix has joined

  41. stvn has joined

  42. patasca has left

  43. patasca has joined

  44. argon3771 has left

  45. argon3771 has joined

  46. alacer has left

  47. Ge0rG has left

  48. frog has joined

  49. patasca has left

  50. Ellenor Malik has left

  51. Ellenor Malik has joined

  52. Holly Lotor has joined

  53. alacer has joined

  54. patasca has joined

  55. loopboom has left

  56. stvn has left

  57. stvn has joined

  58. raghavgururajan has left

  59. raghavgururajan has joined

  60. neox has left

  61. loopboom has joined

  62. frog has left

  63. Ellenor Malik has left

  64. Ellenor Malik has joined

  65. Ellenor Malik has left

  66. Ellenor Malik has joined

  67. jayteeuk has left

  68. jayteeuk has joined

  69. jayteeuk has left

  70. jayteeuk has joined

  71. patasca has left

  72. stvn has left

  73. Ellenor Malik has left

  74. Ellenor Malik has joined

  75. Bjarkan has left

  76. Bjarkan has joined

  77. stvn has joined

  78. Ellenor Malik

    oh god

  79. Ellenor Malik

    can someone help me diagnose a correct-password unauthorized problem?

  80. stvn has left

  81. stvn has joined

  82. Steven Roose has left

  83. sol has left

  84. Ellenor Malik has left

  85. pod has joined

  86. Ellenor Malik has joined

  87. pintosesk has left

  88. stefan has joined

  89. wladmis has left

  90. loopboom has left

  91. ibikk has joined

  92. kusoneko has left

  93. kusoneko has joined

  94. Huxx has joined

  95. Menel has joined

  96. lorddavidiii has joined

  97. some1 has joined

  98. Douglas Terabyte has left

  99. Douglas Terabyte has joined

  100. stvn has left

  101. ru_maniac has left

  102. Licaon_Kter has joined

  103. openchat has joined

  104. TMakarios has left

  105. TMakarios has joined

  106. ru_maniac has joined

  107. sol has joined

  108. stvn has joined

  109. jayteeuk has left

  110. jayteeuk has joined

  111. jayteeuk has left

  112. jayteeuk has joined

  113. some1 has left

  114. some1 has joined

  115. nickomemo has left

  116. nickomemo has joined

  117. nickomemo has left

  118. derventio has joined

  119. openchat has left

  120. openchat has joined

  121. jayteeuk has left

  122. jayteeuk has joined

  123. Martin has left

  124. Martin has joined

  125. jayteeuk has left

  126. jayteeuk has joined

  127. jayteeuk has left

  128. jayteeuk has joined

  129. lorddavidiii has left

  130. raghavgururajan has left

  131. mjk has joined

  132. openchat has left

  133. j.r (jugendhacker.de) has left

  134. j.r (jugendhacker.de) has joined

  135. guus.der.kinderen has left

  136. Menel has left

  137. 404.city has joined

  138. 404.city has left

  139. lorddavidiii has joined

  140. jayteeuk has left

  141. jayteeuk has joined

  142. frog has joined

  143. derventio has left

  144. derventio has joined

  145. mehdi has left

  146. stvn has left

  147. Ge0rG has joined

  148. j.r (jugendhacker.de) has left

  149. stvn has joined

  150. j.r (jugendhacker.de) has joined

  151. junaid has left

  152. 86ul has joined

  153. junaid has joined

  154. rom1dep has joined

  155. henrik has joined

  156. jayteeuk has left

  157. jayteeuk has joined

  158. jayteeuk has left

  159. jayteeuk has joined

  160. Steven Roose has joined

  161. abidal3 has joined

  162. junaid has left

  163. junaid has joined

  164. madmalkav has joined

  165. j.r (jugendhacker.de) has left

  166. jayteeuk has left

  167. jayteeuk has joined

  168. nickomemo has joined

  169. creep.im has left

  170. creep.im has joined

  171. j.r (jugendhacker.de) has joined

  172. rom1dep has left

  173. qnix has left

  174. qnix has joined

  175. stvn has left

  176. xi has left

  177. jayteeuk has left

  178. jayteeuk has joined

  179. Ellenor Malik has left

  180. Ellenor Malik has joined

  181. stvn has joined

  182. jayteeuk has left

  183. jayteeuk has joined

  184. Viktor Lindberg has left

  185. Viktor Lindberg has joined

  186. jayteeuk has left

  187. jayteeuk has joined

  188. neox has joined

  189. qnix has left

  190. stvn has left

  191. abidal3 has left

  192. jayteeuk has left

  193. jayteeuk has joined

  194. stvn has joined

  195. jayteeuk has left

  196. jayteeuk has joined

  197. ajeremias has joined

  198. ntuseracc has joined

  199. lorddavidiii has left

  200. stvn has left

  201. stvn has joined

  202. Menel has joined

  203. qnix has joined

  204. derventio has left

  205. qnix has left

  206. ajeremias has left

  207. lorddavidiii has joined

  208. qnix has joined

  209. stvn has left

  210. stvn has joined

  211. pintosesk has joined

  212. qnix has left

  213. stvn has left

  214. patasca has joined

  215. mehdi has joined

  216. qnix has joined

  217. qnix has left

  218. jayteeuk has left

  219. jayteeuk has joined

  220. jayteeuk has left

  221. jayteeuk has joined

  222. loopboom has joined

  223. stefan has left

  224. loopboom has left

  225. loopboom has joined

  226. stefan has joined

  227. stvn has joined

  228. some1 has left

  229. patasca has left

  230. stvn has left

  231. presprout has left

  232. loopboom has left

  233. patasca has joined

  234. qnix has joined

  235. inky has left

  236. mss_cyclist has left

  237. mss_cyclist has joined

  238. stvn has joined

  239. frog has left

  240. some1 has joined

  241. Kris has joined

  242. patasca has left

  243. mehdi has left

  244. Menel has left

  245. nickomemo has left

  246. Viktor Lindberg has left

  247. Viktor Lindberg has joined

  248. frog has joined

  249. lorddavidiii has left

  250. steven has joined

  251. mimi89999

    https://is.gd/SyJF9o

  252. mimi89999

    Is that the Jabber spam service?

  253. mimi89999

    BTW, got spam from `intercoracoid@404.city`.

  254. some1 has left

  255. mimi89999

    real and rare

  256. Ge0rG

    mimi89999: that's a jabber spam service indeed

  257. ntuseracc has left

  258. mimi89999

    Can the operators of those servers remove their accounts or we block their servers?

  259. mimi89999

    Who is the admin of 404 city?

  260. Ge0rG

    he's often here as 404city

  261. Beherit has left

  262. mimi89999

    I'm flooded with spam from that server now.

  263. mimi89999

    Like one message every 10 sec

  264. Beherit has joined

  265. Ge0rG

    mimi89999: from the same account or from different ones?

  266. patasca has joined

  267. mimi89999

    Where is he?

  268. mimi89999

    Same

  269. Ge0rG

    mimi89999: I've pinged the admin now

  270. tom

    Yes there's a channel

  271. tom

    A process

  272. tom

    You have to give them some time to proccess the abuse request though before they get in a blocklist

  273. mimi89999

    OK. Can you link the channel/form/whatever?

  274. kikuchiyo has left

  275. tom

    What's that private spamfighting muc on yax.im again?

  276. tom

    I got an invite ounce but forgot about it

  277. some1 has joined

  278. lorddavidiii has joined

  279. Ge0rG

    it doesn't exist any more

  280. tom

    mimi89999: https://github.com/JabberSPAM

  281. mimi89999

    How to quickly block a JID server level?

  282. tom

    With mod_firewall

  283. tom

    Or for a specific account

  284. tom

    https://xmpp.org/extensions/xep-0191.html

  285. antranigv has joined

  286. some1 has left

  287. some1 has joined

  288. ajeremias has joined

  289. frog has left

  290. mimi89999 has left

  291. patasca has left

  292. patasca has joined

  293. mimi89999 has joined

  294. kikuchiyo has joined

  295. kikuchiyo has left

  296. patasca has left

  297. patasca has joined

  298. some1 has left

  299. stvn has left

  300. stvn has joined

  301. some1 has joined

  302. kikuchiyo has joined

  303. kikuchiyo has left

  304. lorddavidiii has left

  305. kikuchiyo has joined

  306. kikuchiyo has left

  307. raghavgururajan has joined

  308. raghavgururajan has left

  309. raghavgururajan has joined

  310. kikuchiyo has joined

  311. kikuchiyo has left

  312. kikuchiyo has joined

  313. kikuchiyo has left

  314. kikuchiyo has joined

  315. kikuchiyo has left

  316. some1 has left

  317. netbk.de has left

  318. Ge0rG has left

  319. patasca has left

  320. patasca has joined

  321. jayteeuk has left

  322. jayteeuk has joined

  323. jayteeuk has left

  324. steven has left

  325. jayteeuk has joined

  326. raghavgururajan has left

  327. raghavgururajan has joined

  328. lorddavidiii has joined

  329. some1 has joined

  330. Ge0rG has joined

  331. stvn has left

  332. steven has joined

  333. stvn has joined

  334. some1 has left

  335. some1 has joined

  336. kikuchiyo has joined

  337. kikuchiyo has left

  338. jayteeuk has left

  339. jayteeuk has joined

  340. xi has joined

  341. jayteeuk has left

  342. jayteeuk has joined

  343. kikuchiyo has joined

  344. kikuchiyo has left

  345. jayteeuk has left

  346. jayteeuk has joined

  347. patasca has left

  348. patasca has joined

  349. some1 has left

  350. inky has joined

  351. patasca has left

  352. patasca has joined

  353. kikuchiyo has joined

  354. kikuchiyo has left

  355. rom1dep has joined

  356. kikuchiyo has joined

  357. kikuchiyo has left

  358. kikuchiyo has joined

  359. kikuchiyo has left

  360. some1 has joined

  361. some1 has left

  362. kikuchiyo has joined

  363. kikuchiyo has left

  364. sol has left

  365. sol has joined

  366. patasca has left

  367. patasca has joined

  368. rom1dep has left

  369. frog has joined

  370. kikuchiyo has joined

  371. kikuchiyo has left

  372. kikuchiyo has joined

  373. kikuchiyo has left

  374. some1 has joined

  375. kikuchiyo has joined

  376. kikuchiyo has left

  377. perflyst has joined

  378. guus.der.kinderen has joined

  379. kikuchiyo has joined

  380. kikuchiyo has left

  381. kikuchiyo has joined

  382. kikuchiyo has left

  383. ajeremias has left

  384. alien has left

  385. alien has joined

  386. guus.der.kinderen has left

  387. kikuchiyo has joined

  388. kikuchiyo has left

  389. lorddavidiii has left

  390. lorddavidiii has joined

  391. wladmis has joined

  392. kikuchiyo has joined

  393. kikuchiyo has left

  394. ntuseracc has joined

  395. kikuchiyo has joined

  396. kikuchiyo has left

  397. perflyst has left

  398. patasca has left

  399. patasca has joined

  400. rom1dep has joined

  401. some1 has left

  402. kikuchiyo has joined

  403. kikuchiyo has left

  404. jayteeuk has left

  405. jayteeuk has joined

  406. frog has left

  407. kikuchiyo has joined

  408. kikuchiyo has left

  409. qnix has left

  410. qnix has joined

  411. kikuchiyo has joined

  412. kikuchiyo has left

  413. kikuchiyo has joined

  414. kikuchiyo has left

  415. kikuchiyo has joined

  416. kikuchiyo has left

  417. Viktor Lindberg has left

  418. Viktor Lindberg has joined

  419. patasca has left

  420. patasca has joined

  421. kikuchiyo has joined

  422. Menel has joined

  423. kikuchiyo has left

  424. rom1dep has left

  425. kikuchiyo has joined

  426. kikuchiyo has left

  427. lorddavidiii has left

  428. lorddavidiii has joined

  429. patasca has left

  430. patasca has joined

  431. kikuchiyo has joined

  432. kikuchiyo has left

  433. henrik has left

  434. kikuchiyo has joined

  435. kikuchiyo has left

  436. nickomemo has joined

  437. lorddavidiii has left

  438. henrik has joined

  439. kikuchiyo has joined

  440. kikuchiyo has left

  441. kikuchiyo has joined

  442. kikuchiyo has left

  443. kikuchiyo has joined

  444. kikuchiyo has left

  445. bastoon

    > mimi89999: https://github.com/JabberSPAM Should it rather contain only registered domain names (to ICANN registrars) and not sub-domains? This might break implementations if you change the format in a hurry (and that probably will one day).

  446. kikuchiyo has joined

  447. kikuchiyo has left

  448. henrik has left

  449. henrik has joined

  450. Jonny has left

  451. bastoon

    > mimi89999: https://github.com/JabberSPAM Shouldn't it rather contain only registered domain names (to ICANN registrars) and not sub-domains? This might break implementations if you change the format in a hurry (and that probably will one day).

  452. Jonny has joined

  453. qnix has left

  454. mss_cyclist has left

  455. mss_cyclist has joined

  456. bastoon

    > mimi89999: https://github.com/JabberSPAM Why this list contains FQDNs. IMO no need for sub-domains, and only disavantages. Then if format is changed in a hurry, this may break current implementation (and that probably will one day).

  457. patasca has left

  458. bastoon

    > mimi89999: https://github.com/JabberSPAM Why do this list contain FQDNs. IMO no need for sub-domains, only cons. Then if format is changed in a hurry, this may break current implementation (and that probably will one day).

  459. Martin

    bastoon: Because some xmppds are served on a subdomain.

  460. kikuchiyo has joined

  461. kikuchiyo has left

  462. qnix has joined

  463. bastoon

    Martin: I'm sure spammers will exploit the possibility to infinite subs. Then don't think you'll ever have to consider multiple (sub) servers per names, one being ok, the other one spammer.

  464. pintosesk has left

  465. bastoon

    Martin: I'm sure spammers will exploit the possibility to infinite subs. Then I don't think you'll ever have to consider multiple (sub) servers per names, one being ok, the other one spammer.

  466. kikuchiyo has joined

  467. kikuchiyo has left

  468. bastoon

    Martin: I'm quite sure spammers will exploit the possibility to infinite subs. Then I don't think you'll ever have to consider multiple (sub) servers per names, one being ok, the other one spammer.

  469. bastoon

    Martin: I'm quite sure spammers will exploit the possibility of infinite subs. Then I don't think you'll ever have to consider multiple (sub) servers per names, one being ok, the other one spammer.

  470. kikuchiyo has joined

  471. kikuchiyo has left

  472. Martin

    Spammers usually use unmaintained servers with IBR and do not fire up own servers.

  473. Martin

    Also there is this case: Befor I was running my xmppd on a shared hoster. If I would not have used my own domain it would have been running at user.tucana.uberspace.de. So if I spam why should the innocent xmppd another-user.tucana.uberspace.de also be blocked?

  474. ajeremias has joined

  475. bastoon

    Because he could fire you from using his domain before being considered as spammer. Just thought it would be simpler, lighter and more robust against spammer, but surely bad sides to investigate / accommodate.

  476. kikuchiyo has joined

  477. kikuchiyo has left

  478. lorddavidiii has joined

  479. kikuchiyo has joined

  480. kikuchiyo has left

  481. kikuchiyo has joined

  482. kikuchiyo has left

  483. Menel has left

  484. Menel has joined

  485. kikuchiyo has joined

  486. kikuchiyo has left

  487. kikuchiyo has joined

  488. patasca has joined

  489. belove has left

  490. Ivan A. has left

  491. ntuseracc has left

  492. ntuseracc has joined

  493. ntuseracc has left

  494. frog has joined

  495. ntuseracc has joined

  496. patasca has left

  497. patasca has joined

  498. Martin

    > Because he could fire you from using his domain before being considered as spammer. I don't understand this.

  499. Maranda has left

  500. Beherit has left

  501. Maranda has joined

  502. nickomemo has left

  503. Beherit has joined

  504. 86ul has left

  505. stvn has left

  506. patasca has left

  507. arne-bruen has left

  508. kikuchiyo has left

  509. jayteeuk has left

  510. jayteeuk has joined

  511. stvn has joined

  512. 86ul has joined

  513. jayteeuk has left

  514. jayteeuk has joined

  515. frog has left

  516. qnix has left

  517. Arne has left

  518. kikuchiyo has joined

  519. kikuchiyo has left

  520. kahlb

    This list even blacklists creep.im, which is one of the more popular public servers (among the gajim Standard Servers). Not a good Idea I think, it might break xmpp

  521. raucao

    > it might break xmpp how so? it merely breaks creep.im if they don't get their spam users under control

  522. raucao

    that's what a federation is for

  523. creep.im

    creep.im is a known spam server

  524. qnix has joined

  525. raucao

    :)

  526. Martin

    kahlb: The issue was that the operator was not reachable on his 0157 contacts. You'll see the history in my MR.

  527. Martin

    Unfortunately we found him in here just after it got merged.

  528. bastoon

    > I don't understand this. From your example uberspace.de is still in control to allow/disallow a sub domains (on spam complaining).

  529. patasca has joined

  530. Martin

    Yes, that's why you should report spammers. But blocking all operators from one domain because one is spamming is not useful.

  531. ernst.on.tour has left

  532. ernst.on.tour has joined

  533. raucao

    Operators are free to choose

  534. Arne has joined

  535. arne-bruen has joined

  536. Ge0rG

    let's block all OVH and Hetzner then?

  537. kikuchiyo has joined

  538. kikuchiyo has left

  539. kikuchiyo has joined

  540. kikuchiyo has left

  541. kikuchiyo has joined

  542. kikuchiyo has left

  543. mathieui

    operators being unreachable while their server is used as a spam relay is a valid reason for inclusion in spam lists

  544. kikuchiyo has joined

  545. kikuchiyo has left

  546. kikuchiyo has joined

  547. kikuchiyo has left

  548. Ge0rG

    mathieui: how long should one wait to determine "unrechable"?

  549. mathieui

    Ge0rG, no available means of contact

  550. mathieui

    if one is available, I guess it’s up to you

  551. kikuchiyo has joined

  552. kikuchiyo has left

  553. raucao

    > let's block all OVH and Hetzner then? hetzner do actually block your server's network traffic if you spam their local network

  554. kikuchiyo has joined

  555. kikuchiyo has left

  556. Ge0rG

    raucao: but hetzner isn't using xmpp internally.

  557. raucao

    comparing someone using a hetzner server to spamming the outside network with the hetzner network itself makes no sense

  558. raucao

    the xmpp spam server is not a data center

  559. nickomemo has joined

  560. raucao

    it is a specific service running under a specific domain

  561. Ge0rG

    raucao: what's your point?

  562. raucao

    what is yours

  563. raucao

    your comparison was a non-sequitur

  564. jayteeuk has left

  565. jayteeuk has joined

  566. raucao

    > operators being unreachable while their server is used as a spam relay is a valid reason for inclusion in spam lists this is the point that some people seem to disagree with, and so far there were no valid arguments against it brought forward here

  567. kikuchiyo has joined

  568. jayteeuk has left

  569. kikuchiyo has left

  570. jayteeuk has joined

  571. qnix has left

  572. qnix has joined

  573. kikuchiyo has joined

  574. kikuchiyo has left

  575. Ge0rG

    raucao: my response was to the point about blocking all of uberspace if there are spammy servers on there.

  576. Arne

    do those spammers use some settings?

  577. kikuchiyo has joined

  578. kikuchiyo has left

  579. Arne

    like a special cipher for prosody

  580. kikuchiyo has joined

  581. kikuchiyo has left

  582. Arne

    or a deprecated maybe

  583. kikuchiyo has joined

  584. kikuchiyo has left

  585. Arne

    so we need to change all our settings ;D

  586. Ge0rG

    Arne: spammers register accounts on free servers.

  587. kikuchiyo has joined

  588. kikuchiyo has left

  589. Ge0rG

    Ah, it was strato who requested headers as evidence for the spam I reported.

  590. kikuchiyo has joined

  591. kikuchiyo has left

  592. bastoon

    > let's block all OVH and Hetzner then? OVH automatically forwards whois alias to real mails. I don't get this point. Moreover XEP (if generalized) make the process operator independent.

  593. nickomemo has left

  594. raucao

    > raucao: my response was to the point about blocking all of uberspace if there are spammy servers on there. sry, i didn't see that someone wanted to block all of uberspace

  595. raucao

    i thought it was in response to blocking creep.im

  596. raucao

    mea culpa

  597. Ge0rG

    bastoon: of the two reports I sent to OVH, one server got shot down, and for the other one I never heard back

  598. nickomemo has joined

  599. antranigv has left

  600. Ge0rG

    kode.im and im.koderoot.net are the #1 and #2 sources of spam for me for the last weeks.

  601. Ge0rG

    creep.im is #3. creep.im, wanna have a new list of JIDs to delete?

  602. creep.im

    shoot it. you have my JID

  603. Arne

    mh, maybe free inbandregistration is not really good xD

  604. mimi89999

    BTW, are SPAM reports verified in any way?

  605. mimi89999

    Ge0rG: Did 404 admin respond?

  606. Ge0rG

    mimi89999: haven't seen them online yet

  607. Ge0rG

    Arne: yes, you shouldn't do it if you don't want to be a full time anti-spam admin

  608. Arne

    I use my own webregistration combined with some other things

  609. Ge0rG

    mimi89999: how would you verify them? I always send logs to the ISP / server admin so they can match against their own logs

  610. antranigv has joined

  611. stvn has left

  612. creep.im

    I do IBR and I am only removing spam accounts by request

  613. creep.im

    it's not much work

  614. creep.im

    although this is meaningless: spammers easily create dozens of new accounts

  615. Ge0rG

    creep.im: it's only not much work if nobody reports ;)

  616. mimi89999

    I used to get spam from creep.im, but I'm not getting anymore

  617. Ge0rG

    hundreds.

  618. kikuchiyo has joined

  619. kikuchiyo has left

  620. creep.im

    if you care about your users, the best bet to filter spam at the receiving side

  621. creep.im

    I told you guys like a million times

  622. nickomemo has left

  623. Ge0rG

    creep.im: you mean, each user must filter spam on their own?

  624. creep.im

    but for some reason you are afraid of captcha

  625. creep.im

    not user. server. there are plugins for that

  626. kikuchiyo has joined

  627. stefan has left

  628. Ge0rG

    captchas are bad for usability

  629. creep.im

    you only enter it once

  630. creep.im

    not a big deal for usability

  631. Ge0rG

    what if you can't read well?

  632. creep.im

    you want to create a walled garden without spammers, introducing your custom esoteric registration systems, but his is it different from WhatsApp? it's actually less usable than WhatsApp

  633. creep.im

    you want to create a walled garden without spammers, introducing your custom esoteric registration systems, but how is it different from WhatsApp? it's actually less usable than WhatsApp

  634. mjk

    Ge0rG, creep.im: audio captcha is a thing, too

  635. mimi89999

    creep.im: So every time I want to contact a new new account I need to fill a captcha?

  636. Ge0rG

    mjk: but not in the typical xmpp captcha "solutions"

  637. Ge0rG

    creep.im: my server has IBR and no captchas

  638. creep.im

    you fight spammers, but spammers don't care. users are hurt instead

  639. Ge0rG

    same with captchas ;)

  640. mimi89999

    Would be better to fill the captcha once.

  641. mimi89999

    On registration

  642. creep.im

    Ge0rG: you have IBR with your custom esoteric filtration system, I heard about it

  643. mjk

    Ge0rG: > but not in the typical xmpp captcha "solutions" Unfortunately. I was nudging creep.im to think about it :)

  644. creep.im

    Ge0rG: now open source it and encourage everyone to use it

  645. Ge0rG

    creep.im: I'm doing RBL checks against dnsbl.dronebl.org with ready-made prosody modules

  646. stvn has joined

  647. creep.im

    write an article about it, I don't know. a lot of people have no idea how to approach this problem

  648. Ge0rG

    creep.im: https://yaxim.org/blog/2020/05/12/new-anti-spam-measures/

  649. stefan has joined

  650. Ge0rG

    oh, spammers are also solving recaptcha to register bot accounts.

  651. Licaon_Kter

    Ge0rG: > I'm doing RBL checks against dnsbl.dronebl.org with ready-made prosody modules That site is down?

  652. Ge0rG

    Licaon_Kter: https://dronebl.org/ - the other one is the RBL address

  653. argon3771 has left

  654. argon3771 has joined

  655. Licaon_Kter

    Oh

  656. creep.im

    > creep.im: https://yaxim.org/blog/2020/05/12/new-anti-spam-measures/ great job. someone will definitely find that helpful. although not privacy-oriented operators, who want to keep legitimate Proxy/Tor users using the service

  657. stvn has left

  658. Ge0rG

    creep.im: legitimate Tor users can connect via Tor, join the yaxim support MUC and ask to be unblocked.

  659. creep.im

    how do you distinguish if the user is legitimate?

  660. Ge0rG

    creep.im: I don't ask questions.

  661. creep.im

    also, there may be dozens of such requests

  662. creep.im

    on a day

  663. raucao

    why would you in the first place. if they spam, the account gets blocked

  664. raucao

    tor or not

  665. Ge0rG

    creep.im: I had a dozen of such requests since I made that policy

  666. Ge0rG

    creep.im: a spammer will register hundreds or thousands of accounts at the same time

  667. creep.im

    how many such requests you receive daily?

  668. Ge0rG

    creep.im: I had a dozen of such requests since I made that policy

  669. Ge0rG

    that's two per month

  670. jayteeuk has left

  671. jayteeuk has joined

  672. creep.im

    are there a lot of daily registrations?

  673. qnix has left

  674. creep.im

    proxied and regular

  675. jayteeuk has left

  676. jayteeuk has joined

  677. Ge0rG

    100 - 500 per month

  678. Ge0rG

    I don't count the proxy registrations, I only count the ones that complain

  679. creep.im

    that's manageable

  680. qnix has joined

  681. stvn has joined

  682. Ge0rG

    I also have hundreds of bot registrations sometimes, so it's hard to tell for sure

  683. creep.im

    anyway, you are coming up with your own solutions to a common problem. there should be a universal ready made way of doing this. like a plugin, or a built-in fictionally right in the server(s). manual process is a no go, especially for one-man server operations

  684. Licaon_Kter

    creep.im: redo everything on Prosody then, easy :)

  685. Ge0rG

    creep.im: I've documented my way and made the tools accessible. Somebody else needs to do the same for ejabberd.

  686. creep.im

    Licaon_Kter: it'll still not be automated

  687. Ge0rG

    creep.im: spammers will circumvent automated systems

  688. creep.im

    somehow I didn't get a single spam message in months...

  689. creep.im

    a lot of accounts add me daily

  690. creep.im

    I guess miss of them are spammers

  691. abidal3 has joined

  692. Ge0rG

    I had to solve a captcha before reporting spam to you :P

  693. creep.im

    yes, this is how it works

  694. creep.im

    my point is that it is automated and it works

  695. Ge0rG

    it's automated for you, not for the people who want to talk to you

  696. Ge0rG

    well, maybe for the spammers who can just buy captchas for 5$/1000

  697. creep.im

    still, seems like they're not doing that

  698. creep.im

    I guess they just spam another servers

  699. creep.im

    I guess they just spam other servers

  700. Ge0rG

    creep.im: I know that spammers are buying into IBR captchas, because you buy one, and send thousans of spam messages

  701. Beherit has left

  702. Beherit has joined

  703. creep.im

    IBR captchas... maybe. but to be able to actually send messages, you have to solve another captcha, also you have to be added by the other party as well

  704. creep.im

    only then you are free to chat

  705. nickomemo has joined

  706. creep.im

    anyway, this is rather a temporary measure until the real solution will be available

  707. Ge0rG

    the real solution: people who don't click on spam

  708. creep.im

    "temporary" could mean for next few years...

  709. kusoneko has left

  710. kusoneko has joined

  711. Licaon_Kter

    We are well beyond years already

  712. kusoneko has left

  713. kusoneko has joined

  714. lorddavidiii has left

  715. patasca has left

  716. lorddavidiii has joined

  717. patasca has joined

  718. ajeremias has left

  719. jayteeuk has left

  720. jayteeuk has joined

  721. kusoneko has left

  722. kusoneko has joined

  723. kusoneko has left

  724. kusoneko has joined

  725. jayteeuk has left

  726. jayteeuk has joined

  727. kusoneko has left

  728. kusoneko has joined

  729. kusoneko has left

  730. kusoneko has joined

  731. patasca has left

  732. patasca has joined

  733. kusoneko has left

  734. kusoneko has joined

  735. Martin

    The captcha spam was the reason I could not contact creep.im

  736. Martin

    I got spammed with requests to fill a captcha and did so several times. Still my messages didn't get through. That was pretty annoying and I had to block him to make his server spam me with captcha requests. That's why I contacted him t

  737. Martin

    I got spammed with requests to fill a captcha and did so several times. Still my messages didn't get through. That was pretty annoying and I had to block him to make his server spam me with captcha requests. That's why I tried to contact him via email.

  738. patasca has left

  739. creep.im

    I didn't add you back immediately, that's why you've been "spammed" by captcha

  740. creep.im

    better to spam sender with captcha, then the other way around, right?

  741. patasca has joined

  742. seantodd has left

  743. patasca has left

  744. patasca has joined

  745. Martin

    Captchas are just the most annoying UX in spam fighting.

  746. Martin

    Those block stranger modules break XMPP.

  747. seantodd has joined

  748. belong has left

  749. xi has left

  750. xi has joined

  751. belong has joined

  752. mjk

    Could the invite-only model be the ultimate solution? If, by chance, a rare spammer is invited and then invites a horde of other spammers, the whole sub-tree of accounts can be efficiently truncated manually

  753. mjk

    That, of course, requires storing the data on who invited whom

  754. arne-bruen has left

  755. qnix has left

  756. mjk

    That is, basically, a social graph. A nutritious, concentrated, morsel of user data...

  757. mjk

    Ugh.

  758. steven has left

  759. belong has left

  760. arne-bruen has joined

  761. stvn has left

  762. stvn has joined

  763. belong has joined

  764. Martin

    Invitations are nice for family and friends servers but not for public ones.

  765. mehdi has joined

  766. raucao

    we have closed regs and just started with invitations. but not public yet

  767. raucao

    in the future we're adding lightning network payments for signups

  768. raucao

    that way a spammer would have to pay for their account first. that makes it both harder to automate it as well as introduces a cost

  769. raucao

    i think users inviting other users is generally a good idea

  770. raucao

    obviously having to donate/pay upfront introduces friction, but then again pretty much any effective anti-spam mesure does

  771. raucao

    s/mesure/measure

  772. junaid

    > better to spam sender with captcha, then the other way around, right? creep.im: hence why you dont get many spam complaints. Maybe operators choose to block the domain instead?

  773. raucao

    i think there are also many other ways to have semi-open signups where it's difficult to create many accounts and also easier to shut spammers down

  774. ntuseracc has left

  775. Martin

    The RBL approach seems to work well for Ge0rG in reducing spam bots on yax.im.

  776. stvn has left

  777. stvn has joined

  778. mathieui

    the RBL approach prevents 99.99% of automated IBR registrations

  779. Steven Roose has left

  780. Steven Roose has joined

  781. patasca has left

  782. patasca has joined

  783. bastoon

    Or use bitcoin approach to discourage spammers: let the user waste cpu power at registration.

  784. bastoon

    Or use bitcoin approach to discourage spammers: let the user waste cpu power at registration. But indeed spammer will waste *others* cpu for their benefit ;-)

  785. bastoon

    Or use bitcoin approach to discourage spammers: let the user waste cpu power at registration. But indeed spammers will try to waste your cpu for their benefit ;-)

  786. bastoon

    Or use bitcoin approach to discourage spammers: let the user waste cpu power at registration.

  787. mjk

    > But indeed spammers will try to waste your cpu for their benefit ;-) Yeah, botnets are totally immune to proof-of-work-based filtering. Actual payments, though...

  788. j.r (jugendhacker.de) has left

  789. lorddavidiii has left

  790. lorddavidiii has joined

  791. raucao

    Exactly

  792. j.r (jugendhacker.de) has joined

  793. Beherit has left

  794. vu764hd68fxt has joined

  795. Beherit has joined

  796. frog has joined

  797. qnix has joined

  798. pintosesk has joined

  799. ij has left

  800. patasca has left

  801. patasca has joined

  802. ernst.on.tour has left

  803. ij has joined

  804. ernst.on.tour has joined

  805. openchat has joined

  806. stvn has left

  807. ibikk has left

  808. lorddavidiii has left

  809. jayteeuk has left

  810. jayteeuk has joined

  811. jayteeuk has left

  812. jayteeuk has joined

  813. stvn has joined

  814. mehdi has left

  815. cuc has joined

  816. thndrbvr has left

  817. thndrbvr has joined

  818. patasca has left

  819. patasca has joined

  820. lorddavidiii has joined

  821. patasca has left

  822. patasca has joined

  823. Beherit has left

  824. Beherit has joined

  825. stefan has left

  826. patasca has left

  827. patasca has joined

  828. stvn has left

  829. Kris has left

  830. 86ul has left

  831. tom

    bastoon: that doesnt work because you need to mine a whole block to get a payout

  832. bastoon

    I'm not talking about Bitcoin directly but proof of work related challenge. So can be adapted to every situation.

  833. Beherit has left

  834. bastoon

    I was just talking about Bitcoin related principle (rather said proof-of-work). So can be adapted to every situation.

  835. bastoon

    I was just talking about Bitcoin related principle (rather said proof-of-work). So can be adapted to every situation. Ex challenge: find a hash which verify sha-256(JID + random block) < X With X given by server.

  836. bastoon

    I was just talking about Bitcoin related principle (rather said proof-of-work). So can be adapted to every situation. Ex challenge: find X which verify sha-256(JID + random X < Y With Y given by server.

  837. bastoon

    I was just talking about Bitcoin related principle (rather said proof-of-work). So can be adapted to every situation. Ex challenge: find X which verify sha-256(JID + random X) < Y With Y given by server.

  838. stvn has joined

  839. tom

    bastoon:

  840. tom

    All this digital methods are not very effective or degrade accessibility in my opinion

  841. tom

    And even then

  842. tom

    Well

  843. mehdi has joined

  844. tom

    It's just a matter of how much of a skid the spammer is

  845. tom

    Here's a recommendation and I want to give this to the creep.im admin too

  846. perflyst has joined

  847. tom

    In the old days when we wanted to registered for an account on the shared UNIX system we shelled in (can be a special ssh user like registration@yourdomain.tld) and that user was redirected to a terminal forum program

  848. stvn has left

  849. patasca has left

  850. patasca has joined

  851. tom

    You entered the username and other detailed you wanted then you were given a code

  852. tom

    In order to activate your account all you had to do was mail a postcard to the sysadmin with that code written on it

  853. tom

    You can still anonymously mail letters so this doesn't hurt anonymity

  854. tom

    And you can mail letters from anywhere in the world

  855. tom

    Postcards are universal

  856. tom

    It also gives you an opportunity to build a collage and a better sense of community

  857. tom

    When you receive the postcard you just type it into your server to lookup the reg details and activate the account

  858. tom

    If you don't get a poscard in 30 days for a code you purge the reg info

  859. tom

    Most spammers don't bother when the turing test is in meatspace and costs actual money

  860. Viktor Lindberg has left

  861. tom

    Not much mind you postage and a postcard are only a few cents even worldwide postage

  862. jayteeuk has left

  863. jayteeuk has joined

  864. jonas’

    doesn’t scale though

  865. tom

    Anybody can afford to send a postcard

  866. jonas’ imagines handling 1k postcards / day

  867. jonas’

    or even per week

  868. Ellenor Malik

    :O

  869. jonas’

    or month

  870. jayteeuk has left

  871. jayteeuk has joined

  872. tom

    jonas’: i doubt that many reges are legit and if your that scale then geeze you would be replacing bigtech and FAANGs

  873. tom

    But

  874. tom

    If you were

  875. tom

    Just replace the postcard with a printable form and buy a SCANTRON machine

  876. tom

    The same kind of machine they use for standardized tests

  877. jonas’

    SCANTRON :D

  878. raucao

    > bastoon: that doesnt work because you need to mine a whole block to get a payout That's what lightning network is for

  879. raucao

    Instant cobfirmation, virtually no fee

  880. tom

    This things scale up to nationwide elections

  881. raucao

    Extra bonus with LN is that you could block a spammer's LN node, too

  882. stvn has joined

  883. pintosesk has left

  884. tom

    https://www.ebay.com/sch/i.html?_from=R40&_trksid=m570.l1313&_nkw=scantron&_sacat=0

  885. Beherit has joined

  886. stpeter has joined

  887. steven has joined

  888. patasca has left

  889. patasca has joined

  890. tom

    jonas’: you really get over 1k legit reges a day?

  891. stvn has left

  892. stvn has joined

  893. Jonny has left

  894. Jonny has joined

  895. Viktor Lindberg has joined

  896. jonas’ has left

  897. jonas’ has joined

  898. jonas’

    tom, no, I don’t run a public server

  899. joerg has left

  900. joerg has joined

  901. Arne has left

  902. arne-bruen has left

  903. Arne has joined

  904. arne-bruen has joined

  905. nickomemo has left

  906. Lily has left

  907. Kris has joined

  908. Lily has joined

  909. ibikk has joined

  910. kusoneko has left

  911. stpeter has left

  912. stvn has left

  913. serge90 has left

  914. serge90 has joined

  915. stpeter has joined

  916. raghavgururajan has left

  917. jayteeuk has left

  918. jayteeuk has joined

  919. jayteeuk has left

  920. jayteeuk has joined

  921. ernst.on.tour has left

  922. ernst.on.tour has joined

  923. stvn has joined

  924. raghavgururajan has joined

  925. patasca has left

  926. stvn has left

  927. kusoneko has joined

  928. openchat has left

  929. ibikk has left

  930. jayteeuk has left

  931. jayteeuk has joined

  932. stvn has joined

  933. ij has left

  934. ij has joined

  935. joerg has left

  936. joerg has joined

  937. openchat has joined

  938. pintosesk has joined

  939. pod has left

  940. cuc has left

  941. lorddavidiii has left

  942. David has left

  943. David has joined

  944. lorddavidiii has joined

  945. ajeremias has joined

  946. j.r (jugendhacker.de) has left

  947. j.r (jugendhacker.de) has joined

  948. lorddavidiii has left

  949. lorddavidiii has joined

  950. loopboom has joined

  951. frog has left

  952. raghavgururajan has left

  953. kikuchiyo has left

  954. Huxx has left

  955. Jonny has left

  956. ij has left

  957. ij has joined

  958. stvn has left

  959. steven has left

  960. sol has left

  961. loopboom has left

  962. argon3771 has left

  963. argon3771 has joined

  964. pod has joined

  965. kikuchiyo has joined

  966. Menel has left

  967. ajeremias has left

  968. patasca has joined

  969. lorddavidiii has left

  970. lorddavidiii has joined

  971. perflyst has left

  972. jayteeuk has left

  973. jayteeuk has joined

  974. patasca has left

  975. patasca has joined

  976. jayteeuk has left

  977. jayteeuk has joined

  978. pod has left

  979. Douglas Terabyte has left

  980. sol has joined

  981. patasca has left

  982. patasca has joined

  983. lorddavidiii has left

  984. openchat has left

  985. openchat has joined

  986. raghavgururajan has joined

  987. openchat has left

  988. mjk has left

  989. Licaon_Kter has left

  990. mjk has joined

  991. raghavgururajan has left

  992. stvn has joined

  993. Douglas Terabyte has joined

  994. Bjarkan has left

  995. patasca has left

  996. patasca has joined

  997. Bjarkan has joined