moparisthebest<ralphm> And indeed, maybe mod_block_strangers isn't the best approach. I can imagine various cases where you'd receive a message stanzas from a non-contact that you didn't direct presence to (bare or full). And didn't want it blocked.
zachhas left
zachhas joined
moparisthebestFor example, jmp.chat
moparisthebestWhere you want messages from SMS non-contacts
moparisthebestThey have to constantly change their server and client recommendations because of this
Lancehas left
andyhas left
karoshihas left
murabitohas left
murabitohas joined
ajhas joined
Chobbeshas joined
fdshas joined
UsLhas left
UsLhas joined
zachhas left
zachhas joined
fdsh
fdshas left
Alexhas left
Marandahas left
Marandahas joined
waqashas left
waqashas joined
pdurbinhas joined
Chobbeshas left
waqashas left
waqashas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
Chobbeshas joined
waqashas left
waqashas joined
pdurbinhas left
neshtaxmpphas left
neshtaxmpphas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
adityaborikarhas joined
Chobbeshas left
zachhas left
zachhas joined
waqashas left
waqashas joined
adityaborikarhas left
waqashas left
waqashas joined
waqashas left
waqashas joined
adityaborikarhas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
sonnyhas left
sonnyhas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
adityaborikarhas left
waqashas left
waqashas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
kokonoehas left
waqashas left
waqashas joined
kokonoehas joined
lumihas left
waqashas left
waqashas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
adityaborikarhas joined
murabitohas left
murabitohas joined
adityaborikarhas left
Nekithas joined
zachhas left
zachhas joined
andyhas joined
pdurbinhas joined
adityaborikarhas joined
pdurbinhas left
sonnyhas left
adityaborikarhas left
patrickhas left
jcbrandhas left
adityaborikarhas joined
adityaborikarhas left
rionhas joined
mimi89999has left
mimi89999has joined
adityaborikarhas joined
zachhas left
zachhas joined
jabberjockehas left
j.rhas left
j.rhas joined
adityaborikarhas left
adityaborikarhas joined
Douglas Terabytehas left
Douglas Terabytehas joined
adityaborikarhas left
adityaborikarhas joined
jabberjockehas joined
jabberjockehas left
jabberjockehas joined
jabberjockehas left
jabberjockehas joined
j.rhas left
waqashas left
Mikaelahas left
Mikaelahas joined
Tobiashas joined
wurstsalathas joined
goffihas joined
archas left
archas joined
jabberjockehas left
zachhas left
zachhas joined
karoshihas joined
pdurbinhas joined
j.rhas joined
Douglas Terabytehas left
Douglas Terabytehas joined
j.rhas left
j.rhas joined
pdurbinhas left
adityaborikarhas left
adityaborikarhas joined
adityaborikarhas left
adityaborikarhas joined
jcbrandhas joined
zachhas left
zachhas joined
zachhas left
larmahas left
zachhas joined
larmahas joined
Douglas Terabytehas left
Douglas Terabytehas joined
jonas’moparisthebest, maybe talk to the server implementations about white-listing jmp.chat
jonas’that’s a reasonable use-case
jonas’and since you need to be registered with jmp.chat to receive messages from them (?) it is opt-in for each user fully and without extra config
jonas’could be a config switch obviously for the admin to disable the whitelisting
jonas’but I think by default it should be whitelisted
Douglas Terabytehas left
Ge0rGWhat about
> Also blocking messages from strangers, server-wide, is a very bad idea.
alameyohas left
alameyohas joined
zachhas left
zachhas joined
pdurbinhas joined
jonas’true
alameyohas left
mimi89999has left
mimi89999has joined
sezuanhas joined
jabberjockehas joined
sezuanhas left
sezuanhas joined
zachhas left
zachhas joined
alameyohas joined
adityaborikarhas left
adityaborikarhas joined
alameyohas left
alameyohas joined
zachhas left
zachhas joined
mimi89999has left
j.rhas left
jubalhhas joined
mimi89999has joined
Zashhas left
jabberjockehas left
Mikaelahas left
Mikaelahas joined
zachhas left
zachhas joined
Zashhas joined
pdurbinhas left
Nekithas left
Nekithas joined
zachhas left
zachhas joined
COM8has joined
pdurbinhas joined
murabitohas left
archas left
archas joined
Nekithas left
Nekithas joined
lskdjfhas joined
jabberjockehas joined
COM8has left
COM8has joined
COM8has left
jabberjockehas left
COM8has joined
COM8has left
ajhas left
COM8has joined
COM8has left
COM8has joined
zachhas left
zachhas joined
COM8has left
COM8has joined
COM8has left
COM8has joined
COM8has left
linkmauvehas joined
adityaborikarhas left
jubalhhas left
Alexhas joined
winfriedGuus Ralphm maybe we should apply for this: https://www.forumstandaardisatie.nl/content/toetsen-van-standaarden
Nekithas left
Guuswinfried: i quickly scanned: seems we're to late?
kokonoehas left
Nekithas joined
kokonoehas joined
winfriedGuus: They have a continuous call and they accept twice a year. We missed the call for this autumn but can apply for the spring
winfriedAnd best prepare well for it...
Guuskk
pdurbinhas left
zachhas left
zachhas joined
linkmauvehas left
COM8has joined
COM8has left
adityaborikarhas joined
COM8has joined
COM8has left
adityaborikarhas left
adityaborikarhas joined
eevvoorhas joined
COM8has joined
COM8has left
zachhas left
zachhas joined
marc_has joined
jabberjockehas joined
COM8has joined
COM8has left
COM8has joined
COM8has left
eevvoorhas left
pdurbinhas joined
zachhas left
zachhas joined
j.rhas joined
j.rhas left
j.rhas joined
kokonoehas left
kokonoehas joined
pdurbinhas left
jubalhhas joined
Chobbeshas joined
lumihas joined
Dele (Mobile)has joined
adityaborikarhas left
zachhas left
zachhas joined
murabitohas joined
jubalhhas left
Chobbeshas left
Chobbeshas joined
zachhas left
zachhas joined
COM8has joined
COM8has left
COM8has joined
COM8has left
MattJGe0rG + all: mailing list archives should be working again now
Ge0rGMattJ: awesome, thanks!
Ge0rGAre the numbers still the same?
MattJYou mean did old URLs break? No, I sincerely hope not
jonas’(I just grepped my xsf@ logs for a random mail.jabber.org link)
jonas’(other links to standards@ seem to work)
ralphmYes, should be public
ralphmIn principle, mailman knows which lists should be
Nekithas left
Nekithas joined
zachhas left
zachhas joined
COM8has joined
COM8has left
Chobbeshas left
COM8has joined
COM8has left
Ge0rGjonas’: the evil thing about mailman silently renumbering is that all links still work, they just point to different mails
zachhas left
zachhas joined
ralphmYes that's horrible
COM8has joined
ralphmAt least for standards@ links archived by Google seem to match, with a quick sample
COM8has left
Ge0rGralphm: thanks for checking.
Ge0rGI'm sure there are still broken links on the wiki, from our last silent renumbering.
COM8has joined
COM8has left
ralphmWhen was that? I have old links in my blog and haven't noticed issues
COM8has joined
COM8has left
ralphm2003-2005
linkmauvehas joined
Ge0rGralphm: I suppose around 2016, when the infra went belly up
ralphmOk
kokonoehas left
kokonoehas joined
j.rhas left
pdurbinhas joined
Ge0rGralphm: eg. https://wiki.xmpp.org/web/XEP-Remarks/XEP-0352:_Client_State_Indication leads into a 404
Nekithas left
zachhas left
zachhas joined
Ge0rGhttps://wiki.xmpp.org/web/XEP-Remarks/XEP-0256:_Last_Activity_in_Presence has one 404 and one unrelated "XMPP or NodeJS" thread
Ge0rGthose two were the first hits of https://wiki.xmpp.org/web/index.php?search=mail.jabber.org&title=Special%3ASearch&go=Go
ralphmHmm
Zashhas left
Ge0rGI don't even dare going on
ralphmAre you fixing them as you go?
GuusBear once provided me with server logs, that I grepped for frequent 404's
Zashhas joined
Guusby no means a full fix, but I used it to fix the most high-impact ones.
Guusmaybe that can be repeated?
ralphmParticularly in this case, there's context to find the new working URLs
Nekithas joined
Ge0rGralphm: nope. I have no idea where the links used to point to before
Ge0rGand the 404s are kind of unexpected
Ge0rGthere used to be more wrong and less 404 links, IIRC
pdurbinhas left
ralphmWell, you have links with known months. Give the relatively low volume, you can choose suitable replacements.
ralphm(just go up one level, scan for the XEP by number or name)
ralphmE.g. the CSI one: https://mail.jabber.org/pipermail/standards/2014-August/029037.html
Ge0rGRight.
ajhas joined
LNJhas joined
zachhas left
zachhas joined
MattJjonas’, oh, right
MattJI think that's part of my earlier attempts at a fix
MattJApache was serving archives/private, and all the docs say to serve archive/public
COM8has joined
moparisthebestralphm, Ge0rG, jonas’ : it's not just servers that block non-contacts either, also clients https://github.com/ChatSecure/ChatSecure-iOS/issues/844 pretty crappy situation
COM8has left
moparisthebestand yea jmp.chat getting itself on a whitelist is probably doable, but kind of ruins the whole concept of an open federated system :/
moparisthebestditch whatsapp/telegram/$hotness_of_the_day and join XMPP and message anyone! (who doesn't happen to use a crippled client or server that they can't fix)
zachhas left
zachhas joined
ralphmWell, for what it is worth, once I disabled that module, I almost immediately got a bunch of spam. I understand it blocks certain users, but I am not affected by that, and that trumps not getting spam. YMMV
Mikaelahas left
moparisthebestand to be clear I think that's perfectly acceptable opt-in behavior, or even if it was on by default and you could opt-out
Mikaelahas joined
moparisthebestjust to have it hard-coded in clients, and server-wide in popular public servers where you can't disable it for your JID is bad bad
linkmauvehas left
ralphmSure
MattJAgreed - a standard way to enable/disable it would be great
ZashMagic blocking command-ish thing?
MattJSomeone XEP it and we could implement it in Prosody in less than an hour
Ge0rGOr, maybe, you know, a way to smartly block just the spam messages.
Ge0rGOr, slightly less useful, a kind of captcha-on-first-contact
LNJhas left
ralphmYeah, I don't believe in that.
ralphmI'm tempted to say: my server will only ever forward anything (including presence subscription requests) to the client, if there is a matching outgoing presence request or approval.
zachhas left
zachhas joined
ralphmAnd then something to cover MUC/MIX.
Holger... invitations.
ralphmfor MUC?
COM8has joined
HolgerYeah.
Mikaelahas left
HolgerThat's one of those things that typically fail with mod_block_strangers.
Mikaelahas joined
linkmauvehas joined
ralphmI don't remember how MUC invitations work, but in MIX there is the inviter - channel - invitee triangle and in that case it would indeed only work if both people have eachother in their roster
linkmauvehas left
linkmauvehas joined
ralphmI'm not sure if that's a negative, depending on how hard you want to block spam
COM8has left
j.rhas joined
COM8has joined
jonas’ralphm, MUC has both ways
jonas’with the MUC channel in between or without
ralphmThe big issue, of course, is needing some kind of out-of-band exchange of JIDs, or maybe phone number matching.
jonas’with is required for rooms where members are not allowed to edit the member list, but are allowed to send invites.
ralphmWhen we were implementing (only) MIX, I looked in detail at its mediated invites, and really like that model.
jonas’mediated invites are not spoofable, which is nice, but the problem is with spam of those, yes
ralphmBecause it won't cause blockage of invites from 'unknown' entities like the room (the invite comes directly from the inviter to the invitee), so that blocking JIDs will also never cause you to be bothered by people via MIX channels.
ralphmAnd then if you require a bidirectional relationship, that would block probably most spam.
ralphm(at the expense of ease-of-use, probably)
jonas’s/, probably//
jonas’ralphm, what you describe does not sound like a mediated invite to me
ralphmwell, I suppose it is mediated in reverse. It requires the participation of the channel.
ralphmI.e. someone can join the channel only if it got an invite that was approved by the channel, and it will only receive invites from non-blocked people.
jonas’I don’t get this, do you have a link to the document for me to read?
jonas’ah, but that doesn’t matter because you’d be filtering non-roster contacts
ralphmIf you wanted you could implement a step where the invitee checks the invite with the channel, before showing the invite to the user.
zachhas left
zachhas joined
pdurbinhas joined
davidhas left
davidhas joined
Ge0rGWith three parties involved, you can't trust any one to represent the other.
sezuanhas left
Ge0rGI've never blocked messages from strangers, and strangely I hardly receive any spam
ralphmGe0rG: maybe you are a natural anti-spam measure 🤣
Ge0rGIt used to be different.
jonas’ralphm, that requires a way for the channel to say "yes, that token is valid" without joining
ralphmIndeed
jonas’ralphm, this is simply one of the occasions where Ge0rG did (does) what he was (is) preaching
j.rhas joined
alameyohas left
alameyohas joined
Ge0rGjonas’: if you are going to join anyway, and that join depends on the token being valid, you can just skip the round trip
Ge0rGClients are auto joining for years now.
jonas’Ge0rG, the point is to validate the token to rule out dumb invite spam
ralphmThe point is that you may want to validate the invite before bothering the user
jonas’unless you’re collaborating with the MIX service, you don’t have valid tokens to invite people
Chobbeshas joined
ralphmIn this scenario, you'd minimize spam.
ralphmAlso, implicitly the inviter does trust the channel
Ge0rGSpammers would never collaborate with a MIX service
ralphmSo that's why I think it works
jonas’if the spammers collaborate with the MIX service, the obvious solution is to punish the MIX service.
Lancehas joined
Ge0rG> ralphm: there is a disapproved SPAM WG for that, in which you can become a member after signing an NDA with the blood of your first-born.
That offer is still open, BTW, in case you are interested in not blocking strangers.
pdurbinhas left
pep.How much is invite spam a thing? I've never experienced it (I mean from spammers. I do get invite spam otherwise but from "legit" users)
Ge0rGpep.: never got that so far
ralphmIt's been a long time since I got a bonfide invite
Ge0rGMost invites I'm getting from myself as a shortcut to join a MUC on my mobile
ralphmBut I get multiple invites per week
Ge0rGralphm: do you happen to have xml?
ralphmNot at the moment, but can hold on to it
ralphmNext time
zachhas left
zachhas joined
Ge0rGralphm: that would be great.
Ge0rGis collecting samples
ralphmnods
ralphmGot a few from default.rs
Chobbeshas left
Chobbeshas joined
Syndacehas left
wurstsalatany updates regarding DOAP ? gajim does also provide one now
pep.There's a PR awaiting, not sure what's blocking. I'd say editor's processing time
Wojtekhas joined
pep.I'll have a look after we get together with jonas’
Ge0rGWiring a DOAP looks like a significant effort
Zashcopy an existing, edit the name, call it a day
wurstsalatJust implement all the features, then you don't have to filter XEPs ;)
Wojtekhas left
Ge0rGwurstsalat: fewer features, less work.
wurstsalatI see your point
pep.Ge0rG: I'm sure somebody(tm) could PR a doap file for yaxim once it's deployed
Syndacehas joined
pep.Then you'd only have to update it
LNJhas joined
Ge0rGpep.: I'd actually appreciate that
Syndacehas left
Yagizahas joined
wurstsalatGe0rG, do you have a list of supported XEPs?
zachhas left
zachhas joined
Neustradamushas left
Neustradamushas joined
Ge0rGwurstsalat: more or less, at https://yaxim.org/features/
jonas’pep., the website is not editors realm
pep.Ah
pep.Board?
jonas’I just happen to know a bit about pelican so I did a few things back then
jonas’I don’t think there’s a formal team
jonas’actually
jonas’I have merge powers there, not sure why :)
jonas’Guus and I do most of the reviews
pep.Then we should submit that PR to board probably
wurstsalatGe0rG, Feb 1st, 2017 4:06 pm is sufficiently recent?
Lancehas left
Ge0rGwurstsalat: probably not, but it's the most recent I have ready.
wurstsalatIf nobody else volunteers I would compile a doap with this
ZashDidn't someone make a ???? to doap thingymajigger?
kokonoehas left
zachhas left
zachhas joined
kokonoehas joined
adityaborikarhas joined
LNJhas left
Nekithas left
Nekithas joined
zachhas left
zachhas joined
Yagizahas left
LNJhas joined
rionhas left
larmahas left
wurstsalatGe0rG, there you go, an approximation ;) https://paste.gajim.org/view/22c58cfb
Nekithas left
marc_has left
rionhas joined
larmahas joined
pep.wurstsalat, 0077 "complete" "no forms support", hmm.
zachhas left
zachhas joined
wurstsalatThat was me not parsing ;)
rionhas left
Ge0rGIs that rdf file now licensed under gpl3?
Chobbeshas left
Ge0rGShould I also add the version tags for the specific XEPs?
pep.yeah that'd be nice, maybe not required though(?)
rionhas joined
marc_has joined
adityaborikarhas left
adityaborikarhas joined
Zashdisco#info to doap? or was this the project that needed the registries to be in order?
pep.disco#info to doap could help a bit I guess.
rionhas left
zachhas left
zachhas joined
adityaborikarhas left
Chobbeshas joined
Chobbeshas left
Chobbeshas joined
Chobbeshas left
Ge0rGwurstsalat: Is that rdf file now licensed under gpl3?
zachhas left
zachhas joined
jubalhhas joined
adityaborikarhas joined
zachhas left
zachhas joined
rionhas joined
lovetoxhas joined
j.rhas left
ajhas left
LNJhas left
jubalhhas left
lovetoxhm the tombstone thing where we redirect to another address on destruction of a muc
zachhas left
zachhas joined
lovetoxif i disco such a muc, it has the new address inside <gone>new adress</gone> error condition
lovetoxis this somwhere specified ? or is this something people just do