-
marc
Ge0rG, Did you take a look at the XEP?
-
Ge0rG
marc: you mean at the examples? 😜 yes, I did
-
marc
Ge0rG, yes the examples ;) Any objections so far? :P
-
Ge0rG
marc: I still think that the ad-hoc command has two parameters too many. Also not sure about just adding another element to the IBR request
-
marc
Ge0rG, these two elements are still optional ;)
-
marc
Ge0rG, do you have an other idea for IBR?
-
Ge0rG
marc: I'm not sure means I don't know if this can be made legal by the XEP. The alternative would be to use full fledged Data Forms
-
Ge0rG
marc: and it needs some way to integrate with PARS, so that users who already have an account will be accounted for as well
-
marc
Ge0rG, what do you mean? can you give me an exmaple?
-
intosi
Yay. Spim from @yax.im.
-
goffi
Hi, https://news.ycombinator.com/item?id=15850597
-
goffi
some votes may help ;)
-
Tobias
intosi, also got it and put the domain on my blocklist. but maybe Ge0rG can get his act together and prevent these things
-
SouL
Of course! yes goffi :D
-
edhelas
upvoted :p
-
Zash
Ge0rG: How's your acting?
-
Flow
jonasw, no ProtoXEP annoucement for ISR 0.0.5? I also don't see a council trello card for it
-
Flow
goffi, upvoted, also read the blog post, sounds great!
-
Tobias
goffi, why does the vidoe have white bars top and bottom?
-
goffi
Tobias: because it's old blog renderer and the CSS is bad
-
jonasw
Flow, no
-
jonasw
I don’t do that normally, I thought your mail was announcement enough
-
jonasw
maybe CC council@ next time
-
goffi
but can't use the new one yet (which is responsive), there is not yet atom feed or pagination.
-
edhelas
you shouldn't enforce width and height for the video size
-
jonasw
(ProtoXEP updates are out-of-process, so there’s no tooling for this)
-
Flow
jonasw, ok, i've a feeling that people will refuse to deal with the submission if it's not officially announced. Would you be so kind and add a card to council's trello?
-
jonasw
I doubt that people will refuse that
-
jonasw
I am in a meeting right now
-
Flow
hope so
-
jonasw
remind me in a few hours, then I’ll do that
-
Ge0rG
Tobias: seriously? You've blocked yax.im?
-
Tobias
Ge0rG, if domains send spam my way, i block them :)
-
jonasw
Tobias, maybe first contact the admin?
-
jonasw
that’s kinda extreme
-
Tobias
it's even the less harsh approach, compared to others who whitelist domains they do s2s with :)
-
jonasw
especially if the admin is part of the XMPP core-ish community
-
Tobias
jonasw, well...i can unblock them
-
Tobias
even did so after a week
-
Ge0rG
Tobias: that makes me very sad, still
-
Tobias
it also makes me very sad that i received spam from your domain
-
Ge0rG
Tobias: so what would be your proposed solution? Shut down all public servers?
-
Tobias
no...apply some limitations to new accounts on public servers
-
Guus
Oh, I'm with Tobias: I've blocked various domains that delivered nothing to mine, except spam.
-
Tobias
and monitor behaviour of new accounts on public servers
-
Tobias
i have more than 50 domains on my block list
-
Guus
oh, i ~10 :)
-
Ge0rG
Tobias: I'm doing the following: - limit IBR per IP - monitor large numbers of outgoing messages and block accounts - limit the number of stanzas a client can send - watch my logs - react to abuse reports as fast as I can
-
Ge0rG
Tobias: and you didn't even report it to me.
-
Tobias
Ge0rG, will do the next time, I promise
-
Ge0rG
Tobias: you still can report the message content that you received :P
- SouL says: come on, cheer up everybody yay :)
-
Ge0rG
Tobias: I know how annoying spam is, and it really really really makes me sad to learn about it in such a public-shaming way.
-
edhelas
Tobias Guus is it possible to get thoses blacklists ?
-
Tobias
edhelas, yes
-
Ge0rG
Tobias: so what's the spam message you received, anyway? I'd like to improve my outbound filters.
-
Tobias
Ge0rG, just going through my logs to find it
-
Ge0rG
Tobias: and did you receive it from digital.advert307@yax.im or a different JID?
-
Guus
edhelas, I can look them up for you. Note that because _my_ users aren't appear to be talking to valid accounts on those domains, yours might. I'm not sure if a permanent blacklisting is approriate.
-
Zash
I also block on first offence. I am evil.
-
Ge0rG
Tobias: so I've just deleted eight spammer accounts that connected through the same IP address. If you had told me the JID or the content of the message you received (did you receive one at all?), I possibly could have deleted more.
-
Tobias
Ge0rG, does your server ping every s2s connection every minute? even if you don't send other messages over that connection for a longer time?
-
Ge0rG
Tobias: it does ping other servers, but I'm not sure if it is actually set to one minute. Why?
-
Zash
wc -l blocklist/zash.dat 256 blocklist/zash.dat
-
Zash
Eeeeeeeevil
-
Tobias
just looking at my log
-
Ge0rG
Zash: how often will prosody 0.10 send whitespace via s2a?✎ -
Ge0rG
Zash: how often will prosody 0.10 send whitespace via s2s? ✏
-
Zash
Ge0rG: We never got around to adjusting the timeout, so after 6h of silence.
-
Ge0rG
mod_pinger should only ping c2s, from reading the source code.
-
jonasw
dwd, I added ProtoXEP ISR to the proposed agendums [sic]
-
jonasw
(cc @ Flow)
-
Ge0rG
Zash: why is it sending two whitespaces per minute on an s2sin then? And also one ping per minute on s2sout?
-
Zash
Ge0rG: Are you using 3rd party plugins that I have no idea about what they are doing?
-
Ge0rG
Zash: if by "3rd party" you mean "from prosody-modules", then yes.
-
Zash
Yes, I do
-
Ge0rG
Zash: where is the code that sends the once-in-6hr whitespace?
-
Zash
Ge0rG: In mod_s2s, when the network backend invokes the "read timeout" handler.
-
Zash
Have you perhaps changed the read timeout setting?
-
Ge0rG
Zash: I have. `network_settings.read_timeout = 840` - which is NOT 60 seconds.
-
Ge0rG
Zash: also why should it send twice on an s2sin link?
-
Zash
Ge0rG: Duno. Bug?
-
Ge0rG
just to pick a random s2s: Dec 05 10:18:52 s2sin98ca6d0 debug sending: Dec 05 10:18:52 s2sin98ca6d0 debug sending: Dec 05 10:18:52 s2sin98ca6d0 debug Received[s2sin]: <iq id='keepalive' type='result' to='yax.im' from='tengu.chat'> Dec 05 10:19:52 s2sin98ca6d0 debug sending: Dec 05 10:19:52 s2sin98ca6d0 debug sending: Dec 05 10:19:52 s2sin98ca6d0 debug Received[s2sin]: <iq id='keepalive' type='result' to='yax.im' from='tengu.chat'>
-
Zash
Ge0rG: Weird. Libevent?
-
Ge0rG
Tobias: thanks for pointing out the bug. Were you able to find anything in your logs regarding that spammer you encountered?
-
Tobias
not yet...will tell you in about half an hour
-
jonasw
zinid, if you’re doing strict schema validation, how do you handle the lax order requirements of XMPP?
-
jonasw
which cannot really be reflected in schemas?
-
jonasw
(well, somebody did the work to reflect that in XEP-0030, but ...)
-
Ge0rG
Sigh. Blocking messages from strangers is really annoying. I get a subscription request from a JID I don't recognize and I can't even ask them why they contact me without exposing my presence.
-
Ge0rG
Oh, `admin@xmpp.wiki` is not actually an admin.
-
SouL
Does .wiki domain exist?
-
Zash
Looks like one of chatmes domains?
-
SouL
Didn't know that
-
Ge0rG
Zash: yes, it is.
-
mathieui
mod_block_registrations should also be required for IBR servers…
-
mathieui
with admin, operator, and root banned
-
Ge0rG
mathieui: right, that too.
-
Ge0rG
block_registrations_users = { "abuse", "admin", "administrator", "hostmaster", "info", "news", "noc", "owner", "postmaster", "register", "registration", "root", "security", "service", "signup", "support", "sysadmin", "sysop", "system", "test", "trouble", "webmaster", "www", "xmpp", }
-
Ge0rG
based on http://tools.ietf.org/html/rfc2142 and http://blog.postbit.com/reserved-username-list.html
-
Ge0rG
added `operator` now.
-
Ge0rG
Zash: ^
-
Zash
Ew, spaces for indentation!
-
Ge0rG
Zash: what? I'm using tabs.
-
Zash
The module
-
SouL
wtf who uses tabs for indentation
-
ralphm
This
-
Zash
No, TABS! Holy war!
-
mathieui
oh no
-
mathieui
maybe we should talk about tea instead
-
Zash
No, Coffee! Holy war!
-
mathieui
nobody expects the xmpp inquisition
-
Ge0rG
mathieui: nobody expects the whitespace inquisition?
-
Tobias
Ge0rG, https://q.zash.se/a6db0f2a6dcf.txt
-
Ge0rG
Tobias: that's been almost two weeks ago!?
-
Tobias
yes?
-
Ge0rG
Tobias: you didn't know that I'm the admin of yax.im?
-
Tobias
i did
-
Tobias
like I said, next time I'll report it to you before blocking your domain
-
Ge0rG
Tobias: sorry, but I'm speechless.
-
Tobias
is the account already deleted?
-
Ge0rG
BTW, there is a dozen of accounts that used the same IP address.
-
Ge0rG
Tobias: no. I'm not even sure why the message went out at all. It should be blocked for multiple reasons.
-
Tobias
like high percentage of YELLING?
-
Ge0rG
Tobias: I'm not measuring that. But multi-line messages to non-subscribers should be blocked.
-
Holger
jonasw: What order requirement can't be reflected?
-
Zash
Ge0rG: does `prosodyctl mod_firewall test` work?
-
Holger
jonasw: Either way ejabberd is using it's own schema format, not XSD.
-
Ge0rG
Zash: I remember now. my `bodycheck` rule had to be disabled for outgoing messages because IN_ROSTER doesn't work in `::preroute`
-
Zash
Say what
-
zinid
jonasw, we don't use XSD, they are shit
-
Ge0rG
Zash: what does IN_ROSTER return when applied in the ::preroute chain?
-
Zash
Ge0rG: Oh right, because it refers to the receivers roster, which wouldn't be available for a remote user
-
Ge0rG
Zash: so how do I find out if the local sender is subscribed to the remote receiver?
-
zinid
jonasw, it has erlangish format, here it is: https://github.com/processone/xmpp/blob/master/specs/xmpp_codec.spec
-
Zash
Ge0rG: And the sender can just add whatever they want to their roster, so you'd need the thing, yes, subscription check
-
Ge0rG
SUBSCRIBED Tests whether the recipient is subscribed to the sender, ie will receive presence updates from them. Note that this does work, regardless of direction and which chain is used, since both the sender and the recipient will have mirrored roster entries.
-
Zash
Ge0rG: SUBSCRIBED?
-
Zash
Right
-
Ge0rG
is that what I need? Will it work as expected?
-
Zash
Ge0rG: Unless it has the same bug...
-
Ge0rG
Zash: actually I need the opposite - whether the sender is subscribed to the receiver.
-
Zash
Ge0rG: Why?
-
Ge0rG
Whoever invented asymmetric presence subscription.
-
Ge0rG
Zash: because a spammer could pre-approve all receivers?
-
Zash
Ge0rG: But that's not implemented! :D
-
Ge0rG
Zash: ah, it looks like `rostermanager.is_contact_subscribed` will actually check both directions.
-
Ge0rG
Zash: thanks very much.
-
Ge0rG
So now I can apply a `JUMP_CHAIN=user/bodycheck` to outgoing messages as well. But how can I add another action to inform the admin about local users spamming?
-
Ge0rG
JUMP_CHAIN will BOUNCE when spam was found.
-
Ge0rG
Tobias: deleted the twelve spammer accounts. Improved firewall rules. Sent abuse report to ISP. Thanks for reporting.
-
Tobias
ta
-
jonasw
Holger, in XMPP, the order of elements of different names (e.g. <{disco}feature/> and <{disco}identity/>) is irrelevant. this can be, but is very hard to, represent with XSD
-
jonasw
but sure, if you use your own validation, that doesn’t affect you, zinid
-
zinid
this is not strictly speaking the validation, it's more like ASN.1 codec, which transforms XML into internal language structure
-
zinid
but validation is performed during decoding, yes
-
jonasw
you have a weird obsession for ASN.1
-
jonasw
which is fine, I guess
-
tux
zinid: You do Erlang, too? xD
-
tux
(just kidding)
-
zinid
tux, well, erlang knowledge is required for ejabberd development, most of the time 🙂
-
Holger
jonasw: <xs:complexType><xs:all><xs:element name="feature"/><xs:element name="identity"/></xs:all></xs:complexType> won't do the trick?
-
zinid
jonasw, ha, you didn't see my obsession regarding parsers yet 😀
-
jonasw
Holger, afaik not
-
jonasw
I.
-
zinid
jonasw, for example, from this ABNF file https://github.com/processone/xmpp/blob/master/c_src/uri.abnf the parser code is generated: https://github.com/processone/xmpp/blob/master/c_src/xmpp_uri.c
-
jonasw
I think that enforces order between feature and identity
-
Holger
jonasw: No. That would be xs:sequence instead of xs:all.
-
jonasw
Holger, tbh, I have not much of an idea about XSD, I tried to read the spec and I find it massively confusing
-
jonasw
there have been some comments w.r.t. on standards@
-
Ge0rG
Ah, the new rules absolutely pay off. Found another 18 spammer accounts.
-
tux
zinid: yeah, that's true. 8)
-
Holger
jonasw: I'm not much into it either, dunno whether you can express all XMPP syntax weirdness with XSD.
-
Ge0rG
inetnum: 176.126.252.8 - 176.126.252.15 netname: FVDE descr: Tor Exit Node Hosting
-
Ge0rG
Whoops. Four of five IPs that injected spam today are exit nodes.
-
zinid
wow, suddenly
-
zinid
just ban all exit nodes 😀
-
Zash
Require all Tor users fill in a Google Captcha!
-
intosi
Ge0rG: good busy!
-
Ge0rG
Okay, so I've deleted another 50 accounts
-
Ge0rG
@iteam - our wiki claims "The XMPP Standards Foundation maintains a dedicated email list (muc@xmpp.org) about MUC" but there is no such list. Does anybody want one?
-
jonasw
I’m pretty sure I was on that list.
-
jonasw
it was deleted though
-
jonasw
Subject: [MUC] deleting this list Date: 14.02.13 05:09 From: Peter Saint-Andre <stpeter@stpeter.im> To: muc@xmpp.org I just deleted the specialized bosh@xmpp.org list. I think it would be appropriate to do the same with the muc@xmpp.org list. Instead of having a specialized conversation here, we'll simply use the main standards@xmpp.org list. Any objections? Peter
-
jonasw
the only reply to that was from someone who claimed to not have done anything with jabber for 3 years
-
Ge0rG
How appropriate.
-
Zash
Hah
-
jonasw
TBH, I don’t see a use-case for separate lists
-
jonasw
Ge0rG, edit that out of the wiki maybe?
-
Zash
jonasw: Very active topics that drown out others?
-
Ge0rG
jonasw: done
-
jonasw
Zash, I find standards@ still comfortable to read
-
Kev
I think it's more about interests not overlapping than about traffic.
-
Ge0rG
If only we had threaded email-like message support in XMPP.
-
Zash
It works like a sort of filter, but enforced by the sender instead of the receiver
-
Kev
If you expect the same people on both lists, it's not gaining much, but if you think lots of people care about MUC, but not other stuff on standards@ there's a point.
-
Kev
I don't think there is in this case.
-
jonasw
Ge0rG, why aren’t you in jdev@?
-
Ge0rG
jonasw: I'm not?
-
jonasw
now you’re
-
Ge0rG
jonasw: I had a power outage.
-
jonasw
zinid, re your standards@ reply: > Well, yes, it will be timed out. I also don't think this is a > violation, because in this case we cannot block IQ from flooders for > example, as this is also a violation.
-
jonasw
I would suggest to send some IQ type="error" back in these cases
-
jonasw
and making IQ requests timeout is super-annoying
-
Kev
You can't type=error to a result or an error.
-
jonasw
Kev, yes
-
jonasw
this was in response to what he said about flooders
-
jonasw
(which is why I didn’t reply on the standards@ thread)
-
zinid
jonasw, why would I send iq=errors to flood IQs? wtf?
-
zinid
what if this is a dos attack, I should do that too?
-
jonasw
zinid, depends on how sure you are that it’s a genuine flood
-
zinid
ok, so if I want that much, then I can 🙂
-
jonasw
if might also be a client which is confused or simply has a lot of things to do. sending proper type="wait" errors back.✎ -
jonasw
it might also be a client which is confused or simply has a lot of things to do. sending proper type="wait" errors back.✎ ✏ -
jonasw
it might also be a client which is confused or simply has a lot of things to do. sending proper type="wait" errors back seems more reasonable to me, until it becomes a burden. ✏
-
zinid
whatever, as daniel said any discussions are pointless
-
zinid
you already built up your mind, why bother
-
zinid
I'm also not sure why on earth I should route (or store) malformed packets
-
jonasw
because you can’t be sure that they’re malformed
-
zinid
jonasw, I can if I have schema
-
jonasw
okay, but then you have to consider how schemas are used in XMPP and acknowledge that elements and attributes may be added at any time, and must be ignored
-
zinid
well, that's the rule I don't like
-
jonasw
I know that
-
jonasw
but that’s how XMPP works and has always worked
-
jonasw
(*always: to my knowledge)
-
zinid
and where is it now?
-
jonasw
I don’t think that this specific rule is the cause of the low popularity of XMPP
-
zinid
it can be pretty much though
-
jonasw
how?
-
zinid
what? lack of formal validation of packets/
-
zinid
?
-
zinid
for example, some people would rather use something more robust, like asn.1
-
jonasw
you can formally validate what you know about, there’s no problem with that
-
jonasw
no, if you’re going down the "no XML" route, what people nowadays want to use is JSON
-
zinid
but I know there is no <retry/> element in the schema
-
jonasw
in which schema?
-
jonasw
the one you made up, or the non-normative which may or may not be in the XEP?
-
zinid
ah, indeed, we don't even have schemas
-
jonasw
exactly
-
Zash
The 'critical' property of things in ASN.1 sure seems nice
-
jonasw
because the rule I mentioned earlier (unknown things need to be ignored, and also the order of things does not matter) is hard to codify in XMLSchema
-
jonasw
Zash, google dropped "required" in protocol buffers 3.0
-
jonasw
(critical is "you have to understand it", right?)
-
zinid
jonasw, yeah, and you resorted for postulate this ad-hoc
-
jonasw
zinid, I don’t understand your statement, sorry, could you rephrase?
-
Zash
jonasw: Yes. If you don't understand something marked 'critical' then that's a fatal error and you should abort everything.
-
Zash
Much nicer than just blanked ignoring of everything not understood.
-
jonasw
Zash, idneed
-
jonasw
we could have that, if we wanted to
-
Zash
In XML? Hrrrm
-
jonasw
but even then I’d find it questionable for a server to decide what a client understands
-
jonasw
Zash, xmpp:critical="true", define xmpp prefix on <stream:stream/>, be done with it :-)
-
jonasw
but SamWhited will kill me for that
-
Zash
It probably wouldn't have much use outside of initial stream negotation
-
jonasw
possibly
-
Zash
Well. Depends
-
Zash
Altho that's working fine enough.
-
zinid
jonasw, nah, I'm pretty much bored
-
zinid
jonasw, I will anyway do what I think better
-
Holger
Basic XEP-0060 question. I don't get how the interaction of proper PubSub (non-PEP) nodes with presence is supposed to work.
-
Holger
E.g. pubsub#access_model=presence. This assumes the PubSub service has access to the node owner's roster data? The node owner might be a remote user, no?
-
jonasw
yes, I think so
-
jonasw
that access model probably simply doesn’t work for services where this isn’t true
-
Holger
Or pubsub#send_last_published_item=on_sub_and_presence (this is even the default).
-
Holger
This assumes the PubSub service will receive presence from the subscriber?
-
jonasw
probably
-
Holger
It's like these parts of 0060 were written without federation in mind.
-
Zash
In theory, the service could send a presence request
-
jonasw
Zash, so it’d have to regularly type="probe" the subscribers?
-
Zash
jonasw: if it's subscribed, it should get presence pushed to it, like any other contact
-
jonasw
oh good point
-
zinid
you still need to send probes after restart
-
Zash
Sure, it would have to do the things the server does for users with rosters.
-
jonasw
Zash, do servers do that on behalf of components?
-
jonasw
argh
-
jonasw
nevermind, I misread your sentence
-
daniel
Briefly looking over Ge0rG's email. Retraction... Wait there is a retraction feature in MIX? 😂
-
daniel
That makes me wonder what else is in there
-
jonasw
that mail is long enough to make kmail think for a moment before showing it. well done, Ge0rG✎ -
Ge0rG
daniel: that mail was shorter than I expected.
-
jonasw
that mail is long enough to make kmail think for a moment before showing it. well done, Ge0rG) ✏
-
daniel
I wonder if Georg will be talking about the dish washing feature later in the email
-
jonasw
:D
-
Ge0rG
no, but there is a valet parking feature.
-
daniel
For scooter and cars?
-
Steve Kille
daniel: there is both user and administrator retraction. Both can be configured on or off
-
Ge0rG
for gas driven locomotives
-
Steve Kille
Ge0rG: will add the valet parking feature in next update
-
Steve Kille
Ge0rG: I plan to respond to your email later this week
-
Ge0rG
Steve Kille: I think there is no need to hurry. It took me multiple weeks to read the XEP and write the mail, so take your time :)
-
daniel
Ge0rG, LMC should probably be changed to use origin-ids
-
intosi
Steve Kille: is this valet parking feature available for my office trip next week? :)
-
Ge0rG
daniel: I think the stanza-id XEP should be changed to enforce a client setting message-id = origin-id.
-
Ge0rG
intosi: only if you implement MIX 2.0 until then
-
daniel
Ge0rG, probably. but that's orthogonal to changing LMC et al to using origin-ids
-
Ge0rG
daniel: changing LMC et all would be a breaking change.
-
daniel
and most sane implementations will already set message-id=origin-id
-
daniel
Ge0rG, sure
-
daniel
but it's a breaking change either way
-
Ge0rG
daniel: it's not a breaking change to fix stanza-id ;)
-
daniel
yes?! but it's still orthogonal
-
Ge0rG
daniel: you might resurrect the thread I had with Flow regarding that topic in October.
-
Ge0rG
let's say its complementary.
-
daniel
even if you force origin-id to be the same as message-id. if lmc gives origin-id precedence over message-id that's still a breaking change
-
daniel
because that xep has to deal with the case where they are not the same
-
Ge0rG
can't we just properly fix message-id, once and for all?
-
daniel
fix meaning?
-
Ge0rG
mandate globally unique message IDs
-
Ge0rG
and just plain reject messages that violate that rule
-
daniel
that doesn't prevent services from rewriting the id though
-
daniel
which is imho the bigger issue
-
Ge0rG
daniel: stopping id rewriting would be the other part of fixing message-id
-
Zash
But is the outgoing message from a MUC really the same message as the incoming one?
-
Ge0rG
Zash: if a tree falls in a MUC, and there are no participants, will there be a presence update?
-
Zash
Schrödingers presence update.
-
Ge0rG
Zash: when you want to LMC a MUC message you just sent, will you use the sent-message-id, the reflected-message-id, the MAM id or the origin-id?
-
daniel
origin-id
-
daniel
(once the XEP says so)
-
Ge0rG
Zash: is it the MUC service's task to track all message ID references it rewrites and fix them?
-
zinid
origin-id, stanza-id
-
zinid
you guys are reinventing version vectors and vector clocks
-
Ge0rG
http://www.abdsphysics.com/uploads/6/5/0/9/65090265/4802565.png?540
-
Ge0rG
I think that it's very typical for the XMPP standardization process that we end up with a message having three different IDs.
-
Zash
Why don't we stick a nonce in each message, apply canonicalization and declare that the message id is a hash of the canonical serialization of it?
-
daniel
fwiw Conversations already gives origin-id precedence over stanza-id when it comes to LMC, reciepts chat markers
-
Zash
/s ;)
-
Ge0rG
daniel: please comment on the "UPDATED: XEP-0359 (Unique and Stable Stanza IDs)" thread.
-
Ge0rG
daniel: thanks! :)