XMPP Service Operators - 2023-06-09

> not sure what could fix it I think giving this mission to the MUC server could fix it. Though there are still three other reasons causing matters, but these matters are small, could be easily solved by users if only they are not newbies.

> I think giving this mission to the MUC server could fix it. Then all occupants who can connect to the MUC server successfully can get OMEMO keys from others successfully too.

The muc sever has a pep node and stores all omemo keys of occupants, and on an encrypted muc, it additionally only let's clients join if they present an omemo key. That sounds like a good idea.

omemo prekeys get updated, you want the muc server to continously pull keys?

This is ungood https://github.com/acmesh-official/acme.sh/issues/4659 but probably ok if you are using LE

How is one able to see users listed on xmppbl.org?

one is not. Only hashes are published to xmppbl.org.

regarding that acme.sh issue: it's been a while since I was thinking of grabbing popcorn while reading github issues. :)

Hehe same

> one is not. Only hashes are published to xmppbl.org. How could a server operator check whether a jid is already on the list if that particular user is spamming for example.

gooya: you hash all your JIDs and see if one is on the list

Generally it's not designed for manual lookups. If someone is spamming, they're either not on the RTBL (at that time) or you don't have RTBL active on your server.

Mates. Do you have server addresses which block strangers suggestion? 🥺️

☭Mike Yellow: what does that even mean? Only the questions or contacts?

> ~Mates. Do you have server addresses which block strangers suggestion?~ Do you have server addresses that block strangers?

I do not want to receive messages from non-contacts.

☭Mike Yellow, I guess you're looking for a server that has mod_block_strangers enabled

Machine translation: Do you have a server address suggestion for blocking strangers?

Yeah. My expression was wrong.

I believe jix.im has mod_block_strangers enabled

Thank you.

And creep.im

> And creep.im ……

I want to find several servers that: Has CAPTCHA during registration. Could be registered directly on Conversations. Has mod_block_strangers enabled. Alright. I think I would better test one after another by myself.

☭Mike Yellow, why would you want CAPTCHA?

I worry that they may be blocked by other public servers in the future because they are easily to be abused, I think.

This isn’t the consensus here, CAPTCHA is trivial to solve for very little money, and thus only prevents legitimate users from registering.

For instance because they are blind, or need assistive tools.

Hi, any suggestions for a public xmpp server where voice calls actually work?

xmpp.jp doesn't seem to work with voice calls

xsr, at jabber.fr we haven’t got any report that it was failing in a long time, but there is still no automated testing in place.

I’d like to fix that someday.

Link Mauve: I registered on there but my IP send to be banned I'm using a VPN

Which IP is that? You can tell me in private.

In general we only ban IPs which do abuse us.

Like creating a whole bunch of accounts, stuff like that.

For voice calls, who's bandwidth is being used, the client or the server?

It depends on the network of either clients mostly.

Wow that is interesting to know

For optimal latency clients will try to connect to each other directly, but when both are behind NATs this can’t happen easily so they will fallback to TURN servers.

Thanks for rust info did you get my private messages?

Rust should be that

> It depends on the network of either clients mostly. Would that apply to both clients using mobile phones?

It would be nice if there is a module to enable blocking of non-contacts on an account basis

xsr, I don’t understand what you mean by rust info, and didn’t get private messages from here.

xsr, the form factor of the device doesn’t matter to whether a connection can be established between two clients.

Let me manage you again another way

Link Mauve: I've used private message function to send you private message I don't know why you don't receive them, can you send me a private message?

I'm using conversations

xsr, sent.

I didn't get it, does a new window open?

I have never used Conversations, I don’t even use Android.

>> It depends on the network of either clients mostly. > Would that apply to both clients using mobile phones? Client's bandwidth will be used in any case. If you use sim data, yes you should be care about bandwidth. If you're on wifi, it doesn't matter much.

My JID is linkmauve@linkmauve.fr though if you want to contact me directly.

MattJ, ralphm, jonas’, are private messages disabled in this room?

I don't see anything in the room config about that

Does this muc use mod_log_http and the default template for it?

https://logs.xmpp.org/operators/

mod_http_muc_log, default theme afaik

Link Mauve: I get omemo error when I try to send you a message, can you add me from your end?

> mod_http_muc_log, default theme afaik alright thanks!

Trung: thanks I have unlimited SIM data plan

awesome. My server is in ViệtNam so if you have problem with latency, ping me: https://trung.fun/lien-lac/lien-lac.en.html

Trung: thanks

xsr, I don’t use OMEMO.

For anyone reading the logs, the issue wasn’t the VPN but the registration of many accounts in little time, which triggered our throttling script.

How many public servers have blocked creep.im?

No one knows

Nobody knows

…… OK. Thank you.

This is a decentralized network and there are no central stats

probably even the server operator can't tell

One doesn't even know how many servers there are

Is Creep.im to avoid for some reason?

It's on this list at least, https://github.com/JabberSPAM/blacklist/blob/master/blacklist.txt

So probably blocked by some

xsr: yes and no

The block part makes contacts adding a pain at first, each need to add each other

Hmmm... I should tell newbies trying to keep their XMPP addresses as secrets and not to rely on mod_block_strangers too much. About 97% public servers do not block strangers, I think.

Yes, that's a good suggestion

And/or have a public address and a private one. So the public one can be deleted if it has too much spam.

> And/or have a public address and a private one. > So the public one can be deleted if it has too much spam. Not a good idea for our goal. They still need to learn how to use XEP-0016 if they want to communicate with many people. We want to make it popular in China and even make them use it in real life that close to their local friends. What do you advertise XMPP for, only for minority anonymous communication?

Contacts addresses are not so easy to remember or migration for different another account.

If users don't have much risk of changing accounts, then room owners and admins will also be much easier.

What's this obsession with that XEP? I didn't see it mentioned in the last 8 years and you keep talking about it daily?!

Licaon_Kter, Would you like to make XMPP popular, even the most popular?

Or you just want keep an easy environment that hasing no very many users so there is no much to concern too?

That is the only way to achieve a white list function without mod_block_strangers.

Or you don't publish your address

Then it is impossible for users to make many friends on XMPP platform.

I don't get spam... Then again I'm not making it public either, or try to join only reputable rooms.

> Would you like to make XMPP popular, even the most popular? Use Quicksy then...

> Then it is impossible for users to make many friends on XMPP platform. Friends don't spam you, what are you talking about?

It's the same as your phone number...you're getting spam there? How big is your whitelist?

One of the important reasons that we choose this platform is it does not need a phone number.

We want to use XMPP for dangerous politics movement. We can not hide ourselves or our comrades can not find us. We always have human enemies spammers.

In the early stages of promoting XMPP, there may not be many enemies, but when it becomes popular, this situation is bound to occur.

> We can not hide ourselves or our comrades can not find us. Exactly this.... so you block pre or post spam

We do not spam and we do not support to spam too in the manual.

What manual?

Our comrades also need to see such a whitelist function or we will not have more power and energy to advertising XMPP.

> What manual? https://shzyly.rf.gd/文章/电子信息/XMPP用户使用说明书/EPUB/目录索引.html Still not flawless even after three months.

We have encountered an accident that we gave an enemy voice in our room. Then it send extremely long text and stuck our Gajim to death, bothering all occupants. We can underestimate spammers no longer.

Long story, is this hard to understand?

Personally, I understand what you're saying, but I can't agree with many aspects of your approach

But it's yours, so you do whatever you think is best :)

☭Mike Yellow: A goodlist function? I have my MUCs all set to moderation so people can only speak after approval by the leadership.

Machine translation: We had anticipated earlier that the people who initially used XMPP would not agree with our approach. Whether they really agree or not, they can only say so to avoid getting involved in politics. In any case, we believe that only this Political movement can popularize XMPP, and the reason has been written in the manual.

> ☭Mike Yellow: A goodlist function? I have my MUCs all set to moderation so people can only speak after approval by the leadership. We hope to achieve a world that you can open door to strangers without concerning bad people, too.

idk

:> Nevermind, after all, it is not a room to “propaganda”.

What is the view in the xmpp community of the new protocol called nostr?

The one feature that piqued my interest is the concept of a public and private key part, from a privacy and security point it makes a lot of sense

sounds revolutionary /s but offtopic for here :)

The xmpp community asks "is it xmpp?" 🙂 Many are sceptical about new protocols and think one could accomplish more then to just invent a new protocol every x years.

xsr: Pretty cursed. Activitypub alceady has pub and priv keys

The reason I brought it up was would it be possible to adopt the keys concept into xmpp?

Ps I love xmpp

xsr: That concept exists for more than 40 years. You can start reading some history here about it: https://en.wikipedia.org/wiki/Public-key_cryptography (Nostr wasnt the first), yes xmpp has something similar ✏

msavoritias: what is the the similar one in xmpp?

Its described here: https://xmpp.org/extensions/xep-0384.html ✏

I'm a user of omemo, the keys in nostr are used for your id instead of of the email style and password in xmpp

oh goodness

Ah you meant for usernames.

Or ids sorry

Yes for IDs

It would be awesome to have that in xmpp

Well you dont need passwords and stuff. If you have a server you can use oauth. To handle all authentication :)

msavoritias: oh really, can you point me to a guide please

https://modules.prosody.im/mod_auth_oauth_external You would basically do something like this.^

You have an oauth server that pives credentials to your server/user using this module

And they are scoped and can be revoked. Tokens to be exact

But that of course still means you store something somewhere. But it could be that the oauth server has just a hardware key and not passwords. Havent done it though so dont know. But definetily interested.

The username part there is nothing in xmpp. Its tied to dns as of now and domains. Petnames could be interested but nothing in the works as of now

msavoritias: very interesting, the nostr meet pair takes about a second to generate,