XMPP Service Operators - 2024-07-27


  1. jjj333_p (any pronouns)

    how do i ban a server from a muc?

  2. jjj333_p (any pronouns)

    we have a spammer comming from cock.li which is reportedly unmoderated, and it would be easiest to outcast the whole server

  3. jjj333_p (any pronouns)

    outcasting *@cock.li did not work

  4. moparisthebest

    Remove the *@

  5. jjj333_p (any pronouns)

    Yep I tried that. Was being very dumb. Thank you

  6. moparisthebest

    np

  7. jjj333_p (any pronouns)

    Do messages error to cock.li for anyone else?

  8. jjj333_p (any pronouns)

    I assume it’s not an issue on my end since i can message others. Other people it doesn’t deliver but it doesn’t error

  9. jjj333_p (any pronouns)

    I get an error about no aaaa record for s2s

  10. jonas’

    jjj333_p (any pronouns), that's weird, because the cock.li SRV record points to a host with both A (IPv4) and AAAA (IPv6) address records.

  11. jjj333_p (any pronouns)

    https://downloadable.pain.agency/file_share/6HkzAuqsgr5Tyw2YFM1MeEnY/ea5573c2-e354-46cc-a80f-2f978af60722.png

  12. jjj333_p (any pronouns)

    its some troll so its whatever, i just worry something is wrong with my server

  13. jjj333_p (any pronouns)

    related but unrelated do you know if blocks will reject the stanzas at a server level? cuz its turned from troll to botspam and i would like to take load off what i can

  14. jonas’

    jjj333_p (any pronouns), what kind of blocks?

  15. jonas’

    (it depends™)

  16. jonas’

    XEP-0191 as well as banning a user/server from a MUC will act on the server level.

  17. jjj333_p (any pronouns)

    > jjj333_p (any pronouns), what kind of blocks? like from a client

  18. jonas’

    some clients implement local blocking/ignore functionality which is handled by the client only.

  19. jjj333_p (any pronouns)

    i mean like dms

  20. jonas’

    DM blocking outside a MUC will generally be implemented using '191, i.e. by asking your server to reject anything from that address in the future.

  21. jjj333_p (any pronouns)

    makes sense, alright

  22. jonas’

    DM blocking inside MUC is a bit trickier, not sure if '191 is used there throughout all clients.

  23. jonas’

    (I seem to recall that there were issues where applying a '191 block in a MUC PM would get you kicked out of the MUC due to a bug in the protocol. I don't know how much of that has been fixed and on which levels)

  24. jjj333_p (any pronouns)

    its outside a muc. their entire server has been outcasted from the muc that they know of

  25. jjj333_p (any pronouns)

    (it is cock.li yes)

  26. jonas’

    ack

  27. jonas’

    you can also block entire domains using '191 btw

  28. Menel

    > (I seem to recall that there were issues where applying a '191 block in a MUC PM would get you kicked out of the MUC due to a bug in the protocol. I don't know how much of that has been fixed and on which levels) I did that with prosody without issues. But of course it isn't very effective.

  29. jjj333_p (any pronouns)

    > you can also block entire domains using '191 btw good to know, ill keep that in my back pocket. im generally unbothered so ill leave it open just to see whats poppin as theyre actually targeting one of our community members not the muc itself or any of the mods

  30. jjj333_p (any pronouns)

    > ack im told cock.li is infamous accross xmpp

  31. jjj333_p (any pronouns)

    i take it creep.im is either abandoned or an abuse server?

  32. jjj333_p (any pronouns)

    (no contact whatsoever on the site)

  33. Menel

    https://github.com/JabberSPAM/blacklist/blob/master/blacklist.txt

  34. Menel

    Block the whole Domain

  35. Menel

    On the server level yeah

  36. jjj333_p (any pronouns)

    ill look into that. its just me with no meaningful mucs on this server so thats fine for now, ill advise the admin of the muc i moderate. for now the server is banned at a muc-wide level

  37. jjj333_p (any pronouns)

    also is there somewhere built into prosody or should i just firewall block all traffic

  38. Menel

    Prosody has multible ways to block that. You can use the one you like most : https://modules.prosody.im/mod_admin_blocklist.html https://modules.prosody.im/mod_s2s_blacklist.html https://modules.prosody.im/mod_firewall.html

    👍 2
  39. jjj333_p [pain.agency]

    k tysm

  40. Menel

    https://hg.prosody.im/prosody-modules/file/254a21a104aa/mod_firewall/scripts/jabberspam-simple-blocklist.pfw https://hg.prosody.im/prosody-modules/file/254a21a104aa/mod_firewall/scripts

  41. Polarian

    do be careful... cock.li seems somewhat popular... people could complain especially if you run a public provider

  42. jjj333_p [pain.agency]

    mine is open by request with no users yet, the one that im worried about (friend's instance, hosts the muc) has implemented that. not many users and most shouldnt mind.

  43. jjj333_p [pain.agency]

    and at this point its just straight spam

  44. Menel

    servers on that list are outcast and people must switch servers. It's not worth to have them spam everything for some legit users. The firewall script can send an individual error message, Informing people of that fact.

  45. Polarian

    surprised my domain hasn't been added to the blocklist /j

  46. Polarian

    > servers on that list are outcast and people must switch servers. > It's not worth to have them spam everything for some legit users. > The firewall script can send an individual error message, Informing people of that fact. so is cock.li considered a spam server then?

  47. Polarian

    The entire domain?

  48. moparisthebest

    By who ? Apparently by at least 1

  49. Menel

    Well, just read the github Readme anyone who is interested

  50. worlio.com

    jjj333_p (any pronouns): Surely you have reported these spammers to the service operator before blocking them, right? If not, that isn't good practice and doesn't do anything to solve any problem.

  51. jjj333_p [pain.agency]

    > servers on that list are outcast and people must switch servers. > It's not worth to have them spam everything for some legit users. > The firewall script can send an individual error message, Informing people of that fact. Good to know

  52. jjj333_p [pain.agency]

    > jjj333_p (any pronouns): Surely you have reported these spammers to the service operator before blocking them, right? If not, that isn't good practice and doesn't do anything to solve any problem. The cock.li abuse report is email only and requires all headers (something I can’t fetch after the fact from gajim), and I could not find one for creep.im

  53. jjj333_p [pain.agency]

    The creep.im site seems to acknowledge its used for abuse but not provide and abuse report

  54. worlio.com

    I guess that is fair. I feel like it would be wrong to ban an entire server if you didn't atleast try to report it. Would hate for XMPP to be in a similar situation to Mastodon where it all becomes split because of a few spammers.

  55. jjj333_p [pain.agency]

    > I guess that is fair. I feel like it would be wrong to ban an entire server if you didn't atleast try to report it. Would hate for XMPP to be in a similar situation to Mastodon where it all becomes split because of a few spammers. Yeah no we only did a muc wide ban before I tried to hunt down abuse report. I asked in a couple mucs and dmed some people I know as well and got nothing. It’s a small muc that not much of anyone will care about and our servers are pretty new to the game

  56. jjj333_p [pain.agency]

    We come from matrix, because we found that first and it’s not good

  57. worlio.com

    Welcome to XMPP.

  58. jjj333_p [pain.agency]

    > Welcome to XMPP. Thanks ♥️

  59. jjj333_p [pain.agency]

    S2s federation so far seems to function so atp that’s a win

  60. jjj333_p [pain.agency]

    S2s federation so far seems to function reliably so atp that’s a win

  61. Menel

    Open registration spam servers with no easy abuse report don't need pity in my opinion.

  62. worlio.com

    I also started my server after using Matrix. I found Matrix to be a pain to manage and keep up. It was a resource hog. XMPP with Prosody has been a breeze.

  63. jjj333_p [pain.agency]

    > I also started my server after using Matrix. I found Matrix to be a pain to manage and keep up. It was a resource hog. XMPP with Prosody has been a breeze. lol yeah, I use dendrite (the buggier but lighter impl) and it barely fits on my Vps and I have to keep tending to it while I ignore prosody and it like doesn’t even show up in htop sorted by any kinda usage

  64. worlio.com

    Menel: Depends. Maybe they don't know they don't have an easy abuse report set up, in which case I go the extra mile.

  65. worlio.com

    I try to give a fair chance.

  66. worlio.com

    » lol yeah, I use dendrite (the buggier but lighter impl) and it barely fits on my Vps and I have to keep tending to it while I ignore prosody and it like doesn’t even show up in htop sorted by any kinda usage Used Conduit. Yeah, Prosody doesn't even sweat. I recently temporarily turned on debug logging for something and the amount my server was handling at once and what it was actually using was insane compared to the few things Conduit did and the 2 CPU cores it was using. I'm sure ejabberd also performs just as well if not better.

  67. jjj333_p [pain.agency]

    lol and conduit is probably by far the lightest of the bunch

  68. worlio.com

    Which is why I chose it.

  69. jjj333_p [pain.agency]

    i didnt just because room version support was a must for me (a statement uttered by the completely deranged)