XMPP Service Operators - 2022-04-18

I noticed when I add 404.city users to a MUC, some people become unable to send OMEMO messages, essentially breaking the group chat

how can this be? is there anything that must be done on my side or the 404.city side?

sha: depends on 404 I'd guess, their users already have omemo active? Iirc 404 had mod_block_strangers active and it might break smth

No wonder if mod_break_xmpp aka mod_block_strangers is involved.

yes I am using OMEMO with the person who broke the MUC

sha: you're probably in their contacts already, otherwise this probably wouldn't have worked, and it isn't in the case of others

yes, this is the case. is there anything I can do about this situation except removing 404.city users from the MUC? :(

sha: ask them to change server lol https://providers.xmpp.net/

maybe, strangers being able to retrieve OMEMO keys should be a criteria for compliance.conversations.im or providers.xmpp.net ...

I may be wrong, but I think it is ✏

404.city scores 100 on the compliance test: https://compliance.conversations.im/server/404.city/

mod_block_strangers is not subject to the compliance test.

sha: You can solve it if they add every member of the muc to their contact list.

Other options are : they change the server or you don't use encryption in the muc

> 404.city scores 100 on the compliance test: https://compliance.conversations.im/server/404.city/ > mod_block_strangers is not subject to the compliance test. This is interesting, because the _intention_ of the c.c.im's omemo test is to determine if the pep nodes are accessible to strangers, judging by the help text: > For XEP-0384: OMEMO Encryption* : > > Prosody 0.11 Support is included in mod_pep > Prosody 0.10 *Add the community module mod_omemo_all_access*. (emphasis mine)

So the methodology seems flawed, not the intention

404 is ejabberd, newer than 18.06 supports this. Unless....config is "whitelist" I guess

Where do you see that help text?

Martin: I don't, 'tis is history :)

?

sha, mjk There is no solution to the problem of flooding and spam from strangers

404.city, I invite my buddy to a private group, fix this...

There is: Turn off s2s. It will solve that problem without others suffering to contact people on your server.

If they get a message that your server doesn't federate it is less annoying than fighting captcha spam from mod_block_strangers.

Licaon_Kter, I am not a ejabberd developer to fix your issue

What is my issue exactly?

Martin: > Where do you see that help text? Just a random server that doesn't pass the test

Martin, https://github.com/iNPUTmice/caas/tree/master/caas-web/src/main/resources/help

Seems ejabberd devs just don't care: https://github.com/processone/ejabberd/issues/2644

mjk: Licaon_Kter thx

> Martin‎: There is: Turn off s2s. It will solve that problem without others suffering to contact people on your server. You are comparing the incomparable, trying to make fun of the flood problem, which actually leads to the disruption S2S of the federation

404.city, I can see why to enable mod_block_strangers, but there seems to be a lot of collateral damage, like not being able to add 404.city users to encrypted MUCs (if mod_block_strangers is actually to blame). Maybe there is a way to enable retrieving OMEMO nodes without allowing one-to-one messages from strangers?

or having the block strangers on a per-user basis and allowing users to opt-in when they get spam

↑ both great suggestions (for the module developers :))

Martin, patches welcomed?

That I am a victim of this doesn't make me a (erlang) dev.

sha, I don't know about such settings

Martin, so, what now?

Why are you asking me? I'm no ejabberd dev.

I just stated that they didn't care to fix the terrible behavior of this module for over three years.

For me it's easy. If you spam me with captchas I block your account. 😃

If you send spam and I can't reach 0157 contact -> block the whole server.

Life's too short for captchas. 🙂 ✏

sha, Some say that this can be fixed by adding all the users of the private conference to the roster. But we all understand that this is a bad decision. If disable flood protection, all active users of various public chats will sooner or later receive a flood on their accounts. Some people flood the accounts of those they argue with in public chats

Martin: so we have to shame devs when they don't fix the bugs that annoy us? Interesting...

I don't see shaming there.

It was removed from the release milestone so it seems they don't consider it important. So I didn't say anything wrong.

ok maybe mod_block_strangers is not even at fault here.. I can retrieve the `eu.siacs.conversations.axolotl.devicelist` and bundles from a brand new account fine...

Weird. If you can receive the omemo keys you should be able to encrypt as well.

yes, on gajim in a one-to-one chat I can encrypt messages

I still get a "Messages from strangers are rejected" when trying to send the message, as expected (which is not shown in the UI, just in the XML console)