XMPP Service Operators - 2023-02-18

I will only help you if you have a fierce fealty to the Crown Prince of Nigeria

you know, I don't think there is such a thing. Modern Nigeria's borders are mostly the fault of the British (and one civil war after british independance), any crown princes that aren't the British, were rules of other kingdoms.

interesting, tho, I am really of the opinion, no masters, no gods, no nations, no borders.

I live in a former British penal colony, it is fucked.

oh somewhere I saw that celebrating independance from the british is the most common national holiday

🤣️ awesome

If you're curious here's a story of Benin the capital of one of those former kingdoms. https://www.theguardian.com/cities/2016/mar/18/story-of-cities-5-benin-city-edo-nigeria-mighty-medieval-capital-lost-without-trace

I am curious, thank you.

This is amazing. Are you familiar with David Graeber's works?

some of it

I am not a post-modernists, in fact I dislike it with a passion, but I love these pieces and academic works that dismantle the Eurocentric model of human achievement and development.

agh, diane: take it to Offtopic pls

Licaon_Kter, Shutting up now.

Thank you for the reminder.

wait there's an off topic channel?

For not-on-topic stuff some of us hang out elsewhere xmpp:conversations-offtopic-reloaded@conference.trashserver.net?join ;)

ah thank you

Out of curiosity, what's the status of the XEPs for moderation? I saw the spammer was in some other channels too, and that seems like a good priority for deletion?

It's tricky, sometimes things posted in multiple MUCs are spam, and other times just important news

Yes, the XEPs are implemented and deployed, and we do delete stuff. Main problem is that it was sent while I was sleeping 🙂

Though I thought we had sufficient blocks in place after a similar spammer last year, I'll have to find out why they didn't catch it

Oh fun, the spammer was from Matrix, using a bridge

matrix has been bringing spam in the disroot room too. Not surprised it happened here too then

awr?

> Oh fun, the spammer was from Matrix, using a bridge Of all the bot usages I've never had a "usecase" but I added a mental todo for _"list user jids and kick matrix bridge users asking them to use xmpp"_ Any day now...

I don't think telling spammers to use XMPP is the solution :)

Interesting to see how this develops. If this is going to develop into something more than the one off that it appears to be today, then I wonder if we can start to investigate if this means anything, eg if automatic account creation is easier in the Matrix ecosystem than with XMPP, or that automatic message delivery APIs are easier to use, etc.

MattJ: ¯\_(ツ)_/¯ But I was speaking only about spammers ;)

Testing.

What does my name display as?

Jason Hammons

Thank you.

Spammers use whatever platform that makes the most financial sense. I.e., they advertise on the platforms that has sufficient number of potential paying customers & laymen. While a given messenger is only used by a few geeks, it is usually not a good target for monetization. Matrix has reached commercial viability in the recent years due to its growing popularity and appeal for common people. Although we receive most spammers from Telegram/WhatsApp still (no wonder, given the proportions).

For implementing concrete heuristics, see the XMPP MUC mod-ideas at conference.movim.eu

bkil, I call bs on that

XMPP has had spammers and we developed immune systems to it

xmpp being around since 1998

spam is still an issue for xmpp, and it comes in waves

carlos, are you the same carlos that runs chatterboxtown?

Matrix has a big spam problem because of poor, near-sighted corporate design.

I don't see how you could protect against the most common varieties in the wild, though.

I have a very elaborate scheme in draft that _might_ work in the end, but it is too complicated to implement.

https://github.com/bkil/banhaxmer/

XMPP would provide even less protocol level opportunities to enforce such elaborate web of trust rules than the integer power levels on Matrix.

bkil, you might want to simplify your design by making each componet into a module that returns a float score

of how 'spammy' something is

then tally up the numbers at the end and assign score levels to actions

that's how email spam detection works

I hope it is now not considered BS by you by providing an elaboration. ✏

I do not support stochastic (random) delivery similar to what had became the norm on email today.

And it mostly only works if you are registered on one of the top few providers controlling like 90% of email addresses, otherwise you will have a really tough time to enter or negotiate any issues.

I run my own mailserver

I don't have a problem emailing people on bigmailer servers

On a forum that shared their stats, like 80% registered with gmail even 5 years ago. I guess the ratio today would be 90-95%.

I assume the answer is no but I'm going to ask anyway because I'm really tired of this. Is there an effective way to ban someone who keeps creating accounts on other servers, joining my MUC, and sending extremely graphic and NSFW images? Some have been disgusting porn and others have been dismemberment. I don't know what to do other than continue playing whack-a-mole

Sorry I'm off to sleep now

Amolith, I have that problem too sometimes.

Amolith, if you're running Prosody, set up https://modules.prosody.im/mod_muc_rtbl

But it's a statistical anomaly to only consider those who succeed, see negative publication bias, etc Sorry, too tired to search and link all relevant wiki articles right now

Amolith, the best way i've found is to report the abuse to the provider they come in, ask them to look for other accounts on that ip address

often times they do, and they find 10-30 other accounts to suspend

MattJ, I'm not at the moment but I'm honestly considering it because it seems to have a lot more modules for preventing spam

Amolith, develop a checklist for dealing with spammers

Closing words: you can get a (residential proxy) for a few cents to work around such simple IP block. And also, most providers can take days to act according to our experience.

it would be really nice if we could work together on creating a blocklist for people who are creating a bunch of accounts on open reg xmpp servers

something like this but for JIDs maybe https://github.com/JabberSPAM/blacklist

That's what mod_muc_rtbl does, but in real-time

Yep

the jabberspam blacklist is really unfortunate

All tonight's spam JIDs have been added to the blocklist within a minute or two of a blocklist admin being aware of a new JID

I get a lot of legitimate users from creep.im, even tho it's listed

and messages have been scrubbed from the room history of MUCs I have sufficient control over

thanks for that MattJ

The tools are here, they're just not universally deployed

MattJ: no

Is here anyone from magicbroccoli.de Server? There is a muc and the owner hasn't been seen for a while and there are no other Moderators, but there is a user having the n-word AS there user name and he de shoukd be banned. The muc is lineage@conference.magicbroccoli.de

carlos, okay, thanks

The tools are here, in Prosody, perhaps. Outside of it? Openfire has a jabberspam-list, but nothing as 'live' as mod_muc_rtbl

fireburner, there's also someone posting gore porn across mucs from magiccrobboli

Maybe the same person

can people start droping the spammer's IP in here?

i can't see their jid as i'm not an admin in the muc it's happening, but templeos is their nick

would help quite a bit

when dealing with spam every little bit helps

no single solution by itself stops spam

Now there is someone calling themself 'niggers' spamming around in multiple mucs

a bunch of little systems compounded into a gestalt creates a burden larger then the spammers is willing to deal with

least in most cases

fireburner, it's almost certainly the same person

They've been creating accounts across various servers (almost all of them deleted already), and spamming MUCs with various unpleasant stuff

If you are an operator of a Prosody server with public MUCs, ensure mod_muc_rtbl is loaded and set muc_rtbl_jid = "xmppbl.org"

You may also consider https://modules.prosody.im/mod_muc_restrict_media

MattJ, quick questions about muc_rtml

does that mean trusting everyone who can create and become an admin of a muc on their server

and what's the link to the blacklist already on xmppbl.org?

I'd like to take a look at it myself before applying it

There's no web link, and only hashes of JIDs are in the blocklist

why hashes?

Is that plugin based on a XEP, Mattj?

For many reasons, JIDs may be identifying, and may contain the same offensive stuff we want to block, for example

Guus, XEP-0060

pff :)

I think you know that's not what I ment :)

I wasn't sure, but I'm not sure what else to say :)

something that defines the hashing algorithm commonly used, that has suggestions on where & when to apply additions / removals, etc.

our friend is quite active in here atm: en@chat.404.city

But from your earlier response, I take that doesn't exist.

Guus, no, there is no such definition. mod_muc_rtbl assumes sha256(jid) currently, mod_firewall also supports subscribing to these lists but IIRC it's configurable to use any format

A XEP makes for an easy reference into a to-be-created feature request ticket, that's all :)

Right now I can only offer https://modules.prosody.im/mod_muc_rtbl#protocol

But it's barely a protocol right now, apart from XEP-0060

I just created a 'steal Prosody's stuff' ticket

lol

although I suspect that there's little interest - most of our servers aren't big in federating - mostly inner-org, private servers.

I don't see where you actually subscribe to xmppbl in the module's document or source

muc_rtbl_jid?

MattJ, are you thin one running xmppbl?

nuegia.net: I don't read LUA, but line 8 suggests it is a configurable option: https://hg.prosody.im/prosody-modules/file/0a257d1402c3/mod_muc_rtbl/mod_muc_rtbl.lua

(which kind of makes sense to me)

I see that

nuegia.net, xmppbl.org is run by a few people, and a few people have access to manage the blocklist

That's about as specific as it will get for now in a public venue. You're free to take it or leave it :)

ok

What are the conditions for a jidhash to get added to the blocklist, or removed as of now?

that's done manually by a human entering in things right now right?

Is this a project that was spun up for an emergency, or a more formal thing?

It was spun up because I was tired of manually banning JIDs across dozens of MUCs

There's no specific list of conditions to get on the blocklist, but it's only used when necessary (spam/abuse across multiple MUCs)

If one could enter more then one node, and had some easy way to add and remove items, it could be quite a distributed feature.. Lots of servers could run their own nodes and others could subscribe to other nodes they trust.

Yes, it's definitely planned to add support for more than one list (you can already do this with mod_firewall, but it's more complex than mod_muc_rtbl)

Multiple lists, aggregators of lists, all would be good

ok

thankyou for this

But the current module was written in a limited amount of time to solve a specific problem I was facing at the time

Snikket far future feature?

I'll apply it now

Snikket servers generally don't have much of a spam problem, by their nature. But potentially, sure.

For the time everyone only uses snikket

Well then, of course :)

The current method surely works for the one Spammer once every 6 month

MattJ, your saying mod_firewall now has the ability to update it's lists from pubsub?

I'd like to see more work on moderation tooling in XMPP. I've thrown a few things out, and they're useful, but there's a lot more that could be done to expand them and make them more user-friendly.

nuegia.net, yes, since 2 years ago: https://hg.prosody.im/prosody-modules/rev/b88f05c878ac

muc_rtbl_jid = "xmppbl.org" right?

Though it looks like I possibly neglected to update the docs

Right

thanks

Hey is there an easy way to have an exeption list but only for passing through certain blocklists but still go through other firewall checks with mod_firewall?

mod_firewall can do pretty much anything you want

it's synxtax is kind of confusing, especially when you get chains involved

https://modules.prosody.im/mod_firewall#check-list has an example to check a list

If anybody else has encountered the same need, I was hoping they could publish a template or something

Yeah, I know how to check a list, what i'm talking about is how to bypass the list check only for certain conditions

nuegia.net: like https://burtrum.org/kids_firewall.pfw.txt ?

Any ejabberd support for the block list?

Harper, not that I'm aware of, currently

the usecase is i want to apply a blocklist for servers, but I want to whitelist all the jids already coming into my servers that aren't causing trouble so their not affected by the block

Harper, I think there is a module for the text file one (which blocks whole servers), but not the real-time lists and not for MUC

nuegia.net, I try to be mindful of that, for example Prosody's example spam-blocking rules will skip most checks for users on your roster already, and mod_muc_rtbl won't ban people who are members of a MUC

So the local server is basically the priority, and the blocklists/filtering are just used otherwise

The xmppbl is just pubsub node?

Yes

another spammer jid: niggers <niggers@chatterboxtown.us>

icky.

templeos <templeos@magicbroccoli.de>

That account was already deleted earlier

afaik

thanks

everyoneisattractedtominors@chatterboxtown.us was just added to the RTBL

yes the account is banned already.

with the content and names of the spam, it doesn't seem financially motivated

This is the same person who's been spamming my MUC ✏

not only yours

Is this our old friend morph again

> not only yours Yep, I just looked through some of my other MUCs with recent activity

They're everywhere

This one is spamming now everyoneisattractedtominors@chatterboxtown.us

now it's xmppiscensorship@chatterboxtown.us

"banning people who post gore is censorship" is certainly a take lol

I toggle the CAPTCHA option in my MUC through Dino. I don't know whether that actually enables a CAPTCHA but we'll see whether it makes a difference

Hey operators

barev

for the first time we got a porn/spam in our MUC. while I banned the user, I’m not sure if I can delete the old message. any advice?

antranigv, what software does your service run?

antranigv, https://modules.prosody.im/mod_muc_moderation.html on prosody

I’m running prosody

I really want to move to ejabberd tho :D

@wurstsalat thanks. I’ll check it now

antranigv, enable mod_muc_moderation: https://modules.prosody.im/mod_muc_moderation

Oh, wurstsalat already said, sorry :)

antranigv, you'll need a XEP-0425 capable client though (poezio, gajim, ...)

Gajim on macOS? lemme check

some people use Gajim on macOS, yes (no official packages though)

okay, time to get the FreeBSD machine :D

flatearthandelitegenderinversion@chatterboxtown.us is spamming now

thx wurstsalat

oh god, it’s the same spam everywhere

We need like a global blacklist github of known domains with spammers

Since you're running Prosody, you should add mod_muc_rtbl too: https://modules.prosody.im/mod_muc_rtbl (with muc_rtbl_jid = "xmppbl.org")

That already exists

Harper: Yeah I know but it is inactive

It's not inactive

The set of spammy servers doesn't change daily

MattJ: just muc_rtbl_jid? no need to set muc_rtbl_node?

No, the default is what you want

thanks

I guess restarting prosody is the easiest way to get it to load after editing the .cfg.lua?

prosodyctl shell config reload && prosodyctl shell module load muc_rtbl conference.example.com

has someone here ever done a prosody -> ejabberd migration with data and users? Users are in prosody files

i mean I can do it manually, I know both pretty well, but in case there was a conversion tool