-
perflyst
tom: as mentioned in the mail yesterday you are the first reporting this issue. logs are now active to get some more information why exactly that happens. will let you know
-
tom
Thanks perf
-
tom
I saw your message
-
Andrew Hansen
Hi guys, I'm new to this. I've just setup my own ejabberd xmpp server, everything is running great, will see how it all goes.
-
Ge0rG
do you have in-band-registration enabled? If yes, spammers will appreciate that ;)
-
jayteeuk
Andrew Hansen: Welcome!
-
christian
Ge0rG: i habe it enabled. And i am controlling the situation well ;-)
-
e2e.ee
Why do spammers use in-band registration? Why do spammers create lots and lots of accounts? What advantage does that give them?
-
e2e.ee
I am not a spammer... so I need to ask. 🤣
-
Licaon_Kter
e2e.ee: you need an account to send messages, not sure what's the confusing part
-
pintosesk
I guess if you look at it from a statistical point of view, it increases the yield of the operation.
-
pintosesk
Whether or not it's diminishing returns depends on how effective each bot is at its task.
-
e2e.ee
But, the spammers can create accounts from the website, so why prefer in-band reg?
-
jonas’
e2e.ee, you need to write a new parser for each new website
-
jonas’
in-band is standardized
-
jonas’
you only need to write a single thing which can do that
-
e2e.ee
How many accounts do they typically create in-band?
-
jonas’
50 lines in aioxmpp, done
-
jonas’
a lot.
-
mathieui
a lot.
-
jonas’
but sometimes also not a lot
-
jonas’
I hear
-
jonas’
but tehn again, a lot, but not at the same time
-
e2e.ee
"a lot" 😂 sounds funny. tens? hundreds? thousands? more?
-
mathieui
if left unsupervised without throttling, yes, they will easily create thousands
-
e2e.ee
Wow. That sucks.
-
e2e.ee
Have a wonderful day everyone!
-
jayteeuk
e2e.ee: You too!
-
Ge0rG
Yeah, speaking from experience, you get multiple hundreds to ~1000 accounts per batch, using a wordlist alphabetically, spreading the registration over Tor / open proxies to circumvent per-IP limits
-
Ge0rG
later they'll login, one after another, all from the same IP, and send a dozen spam messages to different JIDs each
-
e2e.ee
Ge0rG: That is interesting.
-
e2e.ee
Ge0rG: what happened to your yax vCard image? I don't see it today.
-
Ge0rG
Dunno
-
Ge0rG
Maybe there was a yak shaving accident.
-
e2e.ee
https://e2e.ee/upload/SjGAto02yn_q_ls4/20210204_114110.jpg
-
jonas’
oh indeed, it’s gone
-
e2e.ee
Update the image to republish.
-
jonas’
paint a mask on your yak while you’re ati t✎ -
jonas’
paint a mask on your yak while you’re at it ✏
-
Ge0rG
that yak is from 1989, it's immune to global pandemics from the 2020s.
-
jonas’
but is it a sterelising immunity?
-
mimi89999
Establishing a secure connection from lebihan.pl to national-security.agency failed. Certificate hash: 20ca7c29f7942173de8718a092cf0593f5ab445fe082a02a35801fd2770f6ac8. Error with certificate 0: certificate has expired.
-
mimi89999
Whoever that it
-
mimi89999
.
-
mimi89999
Ping
-
Licaon_Kter
mimi89999: pong
-
mimi89999
Establishing a secure connection from lebihan.pl to national-security.agency failed. Certificate hash: 20ca7c29f7942173de8718a092cf0593f5ab445fe082a02a35801fd2770f6ac8. Error with certificate 0: certificate has expired.
-
neox
national-security.agency 🤔️
-
Martin
On http they forward to https://www.nsa.gov/ 😁
-
mjk
Lol
-
Martin
Also ironic that mimi89999 can't establish a secure connection to the security agency.
-
kahlb
They don't want no security for citizens.