XMPP Service Operators - 2025-06-06

Yea so somebody was like, a turbo spammer with the strength and hammered my MUC a couple weeks ago, circumvented the muc moderation COMPLETELY, spoofing or using fake non-registered (muc or local) data and continuing to bot spam my MUC

So I created another vhost, for the lulz, and jokes, and why take life seriously, it's on `pubchatmofos.cc` and no it is not derogatory, don't pester me about that, it's an ongoing meme, and irrelevant, and my MUC place for now

I wondered something about prosody server but I can't remember at this moment

It'll come back to me, maybe I'd ask that in prosody chat

I am packets.cc operator fyi, and the recently on vacation toofast.vip domain is mine as well

So the interesting part is that spam attack. You could analize your logs and see what happend there, to improve tools preventing that

Yea, but it keeps interesting when I don't do that and do other stuff instead

I'll be honest I don't feel threatened or offended in the least, I'm just chillin

I know who did it, and those guys are all kinda comedic, such is the lulz ya know?

I mean, I don't have white vans down the block, and im not subject to v2k atm anyways, i think it's ok

been there done that tho ^^

Does anyone know about thesecure.biz?

this marks the third signup that i've got that comes on with a hot IP and immediately tries to PM someone there, and gets bounced

craftxbox, what's a "hot ip" ?? entirely spoofed?

cuz are you suuuure?

Bad reputation

oh i see

r.i.p.

ie getipintel of 0.9 or higher

they seem to give up doing anything after getting the bounce report? its just weird behaviour

sounds like you need to do some firewall magic and use a www blocklist for degenerate hosts blocked at dns level maybe

today somebody muc pm-ed me, and my android locked up hard immediately\

a similar thing, somebody just signs up, says something someone, leaves never seen again

my service is open-reg but its not listed anywhere that i know of, im curious as to where they're finding me anyway

how many fuzzers are hitting your server?

are you on a congested or heavily farmed IP range?

r.i.p. webserver logs xD

digital ocean is a busy one, but never had such a particular issue

> are you on a congested or heavily farmed IP range? not really no, residential service ↺

craftxbox: the web is scanned for open xmpp ports, and then they can get on from there, using software that tries to make an account and test if it works. Maybe that is the initial PM. A test for connectivity ✏

Particularly why i was asking about the target server :p

i was curious if it was known or not

googling it shows that it's been used for ransomware before but pretty much nothing else

> Yea so somebody was like, a turbo spammer with the strength and hammered my MUC a couple weeks ago, circumvented the muc moderation COMPLETELY, spoofing or using fake non-registered (muc or local) data and continuing to bot spam my MUC There's a prosody module for rate limiting mucs ↺

It can help limit damage when that happens until human intervention can take place

that's actually a good idea tom thanks

my muc's don't necessarily chat up that fast much a storm, it could be fine tuned, cheers

yes you need to tune it for your mucs

do I need any special tools?

xD