XMPP Service Operators - 2025-11-05

itsjustmyluck@xmpp.is --> PMing NSFW without consent

not sure if the admin is here or not :)

Sorry spoke too soon, someone thought they were funny pretending to be a fucking NSFW spammer, disregard my report.

shit was meant to retract that not delete it locally 🤦‍♂️

I am starting to realise that the servers I often get spam/abuse from are not in this channel, and are the ones which ignore reports :/

you mean xmpp.is admin?

is it a single person?

there's something I wanna ask that seems to fit here the most, I asked this on the prosody chat and they pointed me to a very important thing. And that is server compliance with what restriction I am creating. I personally wanted less ports to be open and wanted to only support legacy ssl, meaning only tls (no starttls). But most servers seems to probe 5269 if there is an SRV with that, and if there is literally no 5269 or any port mentioned for xmpp-server, they reach me late because of doing starttls first. On clients I find the same thing as well. Clients always tries 5222 first. And servers always try 5269 first, Is there a reason to still do this? ✏

And here's the weird part for me...

If I DO block 5269, sometimes s2s completely fails and servers doesn't even try 5270.

Some servers do, others don't.

icebound.dev what happened?

that shouldn't be the case, clients and servers should only try those if all the srv records failed

moparisthebest: If there is no SRV record for xmpp-server, It completely fails.

> icebound.dev what happened? just sexual harassment lol ↺

I thought it was a wider attack but it wasnt so I was just gonna drop it

and if there is, but the port is blocked it _then_ tries 5270. ✏

I find this very very weird.

> moparisthebest: If there is no SRV record for xmpp-server, It completely fails. that shouldn't be the case either... maybe time to report bugs to servers Conversations is a client that for sure won't do that ↺

well, c2s works tbh, just not s2s.

nonetheless you can even specify legacy ssl directly in conversations.

which I do, that helps in faster connection.

(which is the main reason to even do this)

> there's something I wanna ask that seems to fit here the most, I asked this on the prosody chat and they pointed me to a very important thing. And that is server compliance with what restriction I am creating. I personally wanted less ports to be open and wanted to only support legacy ssl, meaning only tls (no starttls). But most servers seems to probe 5269 if there is an SRV with that, and if there is literally no 5269 or any port mentioned for xmpp-server, they reach me late because of doing starttls first. On clients I find the same thing as well. Clients always tries 5222 first. And servers always try 5269 first, Is there a reason to still do this? I do not see the benefit of reducing ports ↺

any decent firewall lets you chain ports

well, no starttls.

big plus.

legacy ssl is always great.

funny enough starttls was picked over direct a while back, and up until recently openfire called direct "legacy"

well, some people told me not to call it "direct tls"...

;-;

anyways startls is too common, disabiling it is like disabling IPv4

disabling IPv4 is a good thing though.

I'd expect IPv6s to be the norm starting next decade.

And deprecate IPv4.

Please.

s/next/next next//

alright thats a second JID on my server itsjustmyluck@xmpp.is has spammed with nsfw, so I will now put it here in case others have issue with this JID.

>> icebound.dev what happened? > just sexual harassment lol WTF ↺

icebound.dev: err wait, how do you know this?

that nsfws

> that nsfws because they are spamming asking for help c**ing ↺

I believe I know which spammer it is too

spamming where?

on dms?

I thought they gave up months ago but seems like they are back, and im being targeted as I am the one which kept reporting them last time.

> on dms? yes, but now has joined channels too ↺

wait how did they get spammed in dms?

because the MUC they joined doesnt protect JIDs :)

...

that's a stupid thing to do..

doesnt matter, watch out for that JID

alr.

and iirc, gajim has anti-spam things if I heard this correctly.

> I believe I know which spammer it is too Who ↺

they probably should use one of those things now ig.

I thought rooms with open JIDs were only used for private members only encrypted mucs. Don't you think it should be disallowed from pubmucs? ✏

(Infact, that's required for omemo, I mean encryption) ✏

> I thought rooms with open JIDs were only used for private members only encrypted mucs. Don't you think it should be disallowed from pubmucs? Moderators can always see all jids, and public rooms cam be configured that everyone sees that ↺

The former is acceptable, the latter isn't.

your client should warn you before you join if it doesn't report a bug

That's for each admin to deside. And your client to warn your when joining broke

"your client to warn you" oh it does?

conversations and forks for sure do

> your client should warn you before you join if it doesn't report a bug I don't think gajim does but I know conversations does ↺

not hiding JIDs can be useful sometimes, it is not so useful in public channels, but in private channels it can be useful to see other peoples JIDs

gajim does tell if MUC is anon, semi-anon or if your jid is publicly listable before u enter to that room

> gajim does tell if MUC is anon, semi-anon or if your jid is publicly listable before u enter to that room oh right yeah, it tells you but doesn't warn you, its up for you to review the settings :P ↺