<ralphm> And indeed, maybe mod_block_strangers isn't the best approach. I can imagine various cases where you'd receive a message stanzas from a non-contact that you didn't direct presence to (bare or full). And didn't want it blocked.
zachhas left
zachhas joined
moparisthebest
For example, jmp.chat
moparisthebest
Where you want messages from SMS non-contacts
moparisthebest
They have to constantly change their server and client recommendations because of this
Lancehas left
andyhas left
karoshihas left
murabitohas left
murabitohas joined
ajhas joined
Chobbeshas joined
fdshas joined
UsLhas left
UsLhas joined
zachhas left
zachhas joined
fds
h
fdshas left
Alexhas left
Marandahas left
Marandahas joined
waqashas left
waqashas joined
pdurbinhas joined
Chobbeshas left
waqashas left
waqashas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
Chobbeshas joined
waqashas left
waqashas joined
pdurbinhas left
neshtaxmpphas left
neshtaxmpphas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
adityaborikarhas joined
Chobbeshas left
zachhas left
zachhas joined
waqashas left
waqashas joined
adityaborikarhas left
waqashas left
waqashas joined
waqashas left
waqashas joined
adityaborikarhas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
sonnyhas left
sonnyhas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
adityaborikarhas left
waqashas left
waqashas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
kokonoehas left
waqashas left
waqashas joined
kokonoehas joined
lumihas left
waqashas left
waqashas joined
waqashas left
waqashas joined
waqashas left
waqashas joined
adityaborikarhas joined
murabitohas left
murabitohas joined
adityaborikarhas left
Nekithas joined
zachhas left
zachhas joined
andyhas joined
pdurbinhas joined
adityaborikarhas joined
pdurbinhas left
sonnyhas left
adityaborikarhas left
patrickhas left
jcbrandhas left
adityaborikarhas joined
adityaborikarhas left
rionhas joined
mimi89999has left
mimi89999has joined
adityaborikarhas joined
zachhas left
zachhas joined
jabberjockehas left
j.rhas left
j.rhas joined
adityaborikarhas left
adityaborikarhas joined
Douglas Terabytehas left
Douglas Terabytehas joined
adityaborikarhas left
adityaborikarhas joined
jabberjockehas joined
jabberjockehas left
jabberjockehas joined
jabberjockehas left
jabberjockehas joined
j.rhas left
waqashas left
Mikaelahas left
Mikaelahas joined
Tobiashas joined
wurstsalathas joined
goffihas joined
archas left
archas joined
jabberjockehas left
zachhas left
zachhas joined
karoshihas joined
pdurbinhas joined
j.rhas joined
Douglas Terabytehas left
Douglas Terabytehas joined
j.rhas left
j.rhas joined
pdurbinhas left
adityaborikarhas left
adityaborikarhas joined
adityaborikarhas left
adityaborikarhas joined
jcbrandhas joined
zachhas left
zachhas joined
zachhas left
larmahas left
zachhas joined
larmahas joined
Douglas Terabytehas left
Douglas Terabytehas joined
jonas’
moparisthebest, maybe talk to the server implementations about white-listing jmp.chat
jonas’
that’s a reasonable use-case
jonas’
and since you need to be registered with jmp.chat to receive messages from them (?) it is opt-in for each user fully and without extra config
jonas’
could be a config switch obviously for the admin to disable the whitelisting
jonas’
but I think by default it should be whitelisted
Douglas Terabytehas left
Ge0rG
What about
> Also blocking messages from strangers, server-wide, is a very bad idea.
alameyohas left
alameyohas joined
zachhas left
zachhas joined
pdurbinhas joined
jonas’
true
alameyohas left
mimi89999has left
mimi89999has joined
sezuanhas joined
jabberjockehas joined
sezuanhas left
sezuanhas joined
zachhas left
zachhas joined
alameyohas joined
adityaborikarhas left
adityaborikarhas joined
alameyohas left
alameyohas joined
zachhas left
zachhas joined
mimi89999has left
j.rhas left
jubalhhas joined
mimi89999has joined
Zashhas left
jabberjockehas left
Mikaelahas left
Mikaelahas joined
zachhas left
zachhas joined
Zashhas joined
pdurbinhas left
Nekithas left
Nekithas joined
zachhas left
zachhas joined
COM8has joined
pdurbinhas joined
murabitohas left
archas left
archas joined
Nekithas left
Nekithas joined
lskdjfhas joined
jabberjockehas joined
COM8has left
COM8has joined
COM8has left
jabberjockehas left
COM8has joined
COM8has left
ajhas left
COM8has joined
COM8has left
COM8has joined
zachhas left
zachhas joined
COM8has left
COM8has joined
COM8has left
COM8has joined
COM8has left
linkmauvehas joined
adityaborikarhas left
jubalhhas left
Alexhas joined
winfried
Guus Ralphm maybe we should apply for this: https://www.forumstandaardisatie.nl/content/toetsen-van-standaarden
Nekithas left
Guus
winfried: i quickly scanned: seems we're to late?
kokonoehas left
Nekithas joined
kokonoehas joined
winfried
Guus: They have a continuous call and they accept twice a year. We missed the call for this autumn but can apply for the spring
winfried
And best prepare well for it...
Guus
kk
pdurbinhas left
zachhas left
zachhas joined
linkmauvehas left
COM8has joined
COM8has left
adityaborikarhas joined
COM8has joined
COM8has left
adityaborikarhas left
adityaborikarhas joined
eevvoorhas joined
COM8has joined
COM8has left
zachhas left
zachhas joined
marc_has joined
jabberjockehas joined
COM8has joined
COM8has left
COM8has joined
COM8has left
eevvoorhas left
pdurbinhas joined
zachhas left
zachhas joined
j.rhas joined
j.rhas left
j.rhas joined
kokonoehas left
kokonoehas joined
pdurbinhas left
jubalhhas joined
Chobbeshas joined
lumihas joined
Dele (Mobile)has joined
adityaborikarhas left
zachhas left
zachhas joined
murabitohas joined
jubalhhas left
Chobbeshas left
Chobbeshas joined
zachhas left
zachhas joined
COM8has joined
COM8has left
COM8has joined
COM8has left
MattJ
Ge0rG + all: mailing list archives should be working again now
Ge0rG
MattJ: awesome, thanks!
Ge0rG
Are the numbers still the same?
MattJ
You mean did old URLs break? No, I sincerely hope not
(I just grepped my xsf@ logs for a random mail.jabber.org link)
jonas’
(other links to standards@ seem to work)
ralphm
Yes, should be public
ralphm
In principle, mailman knows which lists should be
Nekithas left
Nekithas joined
zachhas left
zachhas joined
COM8has joined
COM8has left
Chobbeshas left
COM8has joined
COM8has left
Ge0rG
jonas’: the evil thing about mailman silently renumbering is that all links still work, they just point to different mails
zachhas left
zachhas joined
ralphm
Yes that's horrible
COM8has joined
ralphm
At least for standards@ links archived by Google seem to match, with a quick sample
COM8has left
Ge0rG
ralphm: thanks for checking.
Ge0rG
I'm sure there are still broken links on the wiki, from our last silent renumbering.
COM8has joined
COM8has left
ralphm
When was that? I have old links in my blog and haven't noticed issues
COM8has joined
COM8has left
ralphm
2003-2005
linkmauvehas joined
Ge0rG
ralphm: I suppose around 2016, when the infra went belly up
ralphm
Ok
kokonoehas left
kokonoehas joined
j.rhas left
pdurbinhas joined
Ge0rG
ralphm: eg. https://wiki.xmpp.org/web/XEP-Remarks/XEP-0352:_Client_State_Indication leads into a 404
Nekithas left
zachhas left
zachhas joined
Ge0rG
https://wiki.xmpp.org/web/XEP-Remarks/XEP-0256:_Last_Activity_in_Presence has one 404 and one unrelated "XMPP or NodeJS" thread
Ge0rG
those two were the first hits of https://wiki.xmpp.org/web/index.php?search=mail.jabber.org&title=Special%3ASearch&go=Go
ralphm
Hmm
Zashhas left
Ge0rG
I don't even dare going on
ralphm
Are you fixing them as you go?
Guus
Bear once provided me with server logs, that I grepped for frequent 404's
Zashhas joined
Guus
by no means a full fix, but I used it to fix the most high-impact ones.
Guus
maybe that can be repeated?
ralphm
Particularly in this case, there's context to find the new working URLs
Nekithas joined
Ge0rG
ralphm: nope. I have no idea where the links used to point to before
Ge0rG
and the 404s are kind of unexpected
Ge0rG
there used to be more wrong and less 404 links, IIRC
pdurbinhas left
ralphm
Well, you have links with known months. Give the relatively low volume, you can choose suitable replacements.
ralphm
(just go up one level, scan for the XEP by number or name)
ralphm
E.g. the CSI one: https://mail.jabber.org/pipermail/standards/2014-August/029037.html
Ge0rG
Right.
ajhas joined
LNJhas joined
zachhas left
zachhas joined
MattJ
jonas’, oh, right
MattJ
I think that's part of my earlier attempts at a fix
MattJ
Apache was serving archives/private, and all the docs say to serve archive/public
COM8has joined
moparisthebest
ralphm, Ge0rG, jonas’ : it's not just servers that block non-contacts either, also clients https://github.com/ChatSecure/ChatSecure-iOS/issues/844 pretty crappy situation
COM8has left
moparisthebest
and yea jmp.chat getting itself on a whitelist is probably doable, but kind of ruins the whole concept of an open federated system :/
moparisthebest
ditch whatsapp/telegram/$hotness_of_the_day and join XMPP and message anyone! (who doesn't happen to use a crippled client or server that they can't fix)
zachhas left
zachhas joined
ralphm
Well, for what it is worth, once I disabled that module, I almost immediately got a bunch of spam. I understand it blocks certain users, but I am not affected by that, and that trumps not getting spam. YMMV
Mikaelahas left
moparisthebest
and to be clear I think that's perfectly acceptable opt-in behavior, or even if it was on by default and you could opt-out
Mikaelahas joined
moparisthebest
just to have it hard-coded in clients, and server-wide in popular public servers where you can't disable it for your JID is bad bad
linkmauvehas left
ralphm
Sure
MattJ
Agreed - a standard way to enable/disable it would be great
Zash
Magic blocking command-ish thing?
MattJ
Someone XEP it and we could implement it in Prosody in less than an hour
Ge0rG
Or, maybe, you know, a way to smartly block just the spam messages.
Ge0rG
Or, slightly less useful, a kind of captcha-on-first-contact
LNJhas left
ralphm
Yeah, I don't believe in that.
ralphm
I'm tempted to say: my server will only ever forward anything (including presence subscription requests) to the client, if there is a matching outgoing presence request or approval.
zachhas left
zachhas joined
ralphm
And then something to cover MUC/MIX.
Holger
... invitations.
ralphm
for MUC?
COM8has joined
Holger
Yeah.
Mikaelahas left
Holger
That's one of those things that typically fail with mod_block_strangers.
Mikaelahas joined
linkmauvehas joined
ralphm
I don't remember how MUC invitations work, but in MIX there is the inviter - channel - invitee triangle and in that case it would indeed only work if both people have eachother in their roster
linkmauvehas left
linkmauvehas joined
ralphm
I'm not sure if that's a negative, depending on how hard you want to block spam
COM8has left
j.rhas joined
COM8has joined
jonas’
ralphm, MUC has both ways
jonas’
with the MUC channel in between or without
ralphm
The big issue, of course, is needing some kind of out-of-band exchange of JIDs, or maybe phone number matching.
jonas’
with is required for rooms where members are not allowed to edit the member list, but are allowed to send invites.
ralphm
When we were implementing (only) MIX, I looked in detail at its mediated invites, and really like that model.
jonas’
mediated invites are not spoofable, which is nice, but the problem is with spam of those, yes
ralphm
Because it won't cause blockage of invites from 'unknown' entities like the room (the invite comes directly from the inviter to the invitee), so that blocking JIDs will also never cause you to be bothered by people via MIX channels.
ralphm
And then if you require a bidirectional relationship, that would block probably most spam.
ralphm
(at the expense of ease-of-use, probably)
jonas’
s/, probably//
jonas’
ralphm, what you describe does not sound like a mediated invite to me
ralphm
well, I suppose it is mediated in reverse. It requires the participation of the channel.
ralphm
I.e. someone can join the channel only if it got an invite that was approved by the channel, and it will only receive invites from non-blocked people.
jonas’
I don’t get this, do you have a link to the document for me to read?
ah, but that doesn’t matter because you’d be filtering non-roster contacts
ralphm
If you wanted you could implement a step where the invitee checks the invite with the channel, before showing the invite to the user.
zachhas left
zachhas joined
pdurbinhas joined
davidhas left
davidhas joined
Ge0rG
With three parties involved, you can't trust any one to represent the other.
sezuanhas left
Ge0rG
I've never blocked messages from strangers, and strangely I hardly receive any spam
ralphm
Ge0rG: maybe you are a natural anti-spam measure 🤣
Ge0rG
It used to be different.
jonas’
ralphm, that requires a way for the channel to say "yes, that token is valid" without joining
ralphm
Indeed
jonas’
ralphm, this is simply one of the occasions where Ge0rG did (does) what he was (is) preaching
j.rhas joined
alameyohas left
alameyohas joined
Ge0rG
jonas’: if you are going to join anyway, and that join depends on the token being valid, you can just skip the round trip
Ge0rG
Clients are auto joining for years now.
jonas’
Ge0rG, the point is to validate the token to rule out dumb invite spam
ralphm
The point is that you may want to validate the invite before bothering the user
jonas’
unless you’re collaborating with the MIX service, you don’t have valid tokens to invite people
Chobbeshas joined
ralphm
In this scenario, you'd minimize spam.
ralphm
Also, implicitly the inviter does trust the channel
Ge0rG
Spammers would never collaborate with a MIX service
ralphm
So that's why I think it works
jonas’
if the spammers collaborate with the MIX service, the obvious solution is to punish the MIX service.
Lancehas joined
Ge0rG
> ralphm: there is a disapproved SPAM WG for that, in which you can become a member after signing an NDA with the blood of your first-born.
That offer is still open, BTW, in case you are interested in not blocking strangers.
pdurbinhas left
pep.
How much is invite spam a thing? I've never experienced it (I mean from spammers. I do get invite spam otherwise but from "legit" users)
Ge0rG
pep.: never got that so far
ralphm
It's been a long time since I got a bonfide invite
Ge0rG
Most invites I'm getting from myself as a shortcut to join a MUC on my mobile
ralphm
But I get multiple invites per week
Ge0rG
ralphm: do you happen to have xml?
ralphm
Not at the moment, but can hold on to it
ralphm
Next time
zachhas left
zachhas joined
Ge0rG
ralphm: that would be great.
Ge0rGis collecting samples
ralphmnods
ralphm
Got a few from default.rs
Chobbeshas left
Chobbeshas joined
Syndacehas left
wurstsalat
any updates regarding DOAP ? gajim does also provide one now
pep.
There's a PR awaiting, not sure what's blocking. I'd say editor's processing time
Wojtekhas joined
pep.
I'll have a look after we get together with jonas’
Ge0rG
Wiring a DOAP looks like a significant effort
Zash
copy an existing, edit the name, call it a day
wurstsalat
Just implement all the features, then you don't have to filter XEPs ;)
Wojtekhas left
Ge0rG
wurstsalat: fewer features, less work.
wurstsalat
I see your point
pep.
Ge0rG: I'm sure somebody(tm) could PR a doap file for yaxim once it's deployed
Syndacehas joined
pep.
Then you'd only have to update it
LNJhas joined
Ge0rG
pep.: I'd actually appreciate that
Syndacehas left
Yagizahas joined
wurstsalat
Ge0rG, do you have a list of supported XEPs?
zachhas left
zachhas joined
Neustradamushas left
Neustradamushas joined
Ge0rG
wurstsalat: more or less, at https://yaxim.org/features/
jonas’
pep., the website is not editors realm
pep.
Ah
pep.
Board?
jonas’
I just happen to know a bit about pelican so I did a few things back then
jonas’
I don’t think there’s a formal team
jonas’
actually
jonas’
I have merge powers there, not sure why :)
jonas’
Guus and I do most of the reviews
pep.
Then we should submit that PR to board probably
wurstsalat
Ge0rG, Feb 1st, 2017 4:06 pm is sufficiently recent?
Lancehas left
Ge0rG
wurstsalat: probably not, but it's the most recent I have ready.
wurstsalat
If nobody else volunteers I would compile a doap with this
Zash
Didn't someone make a ???? to doap thingymajigger?
kokonoehas left
zachhas left
zachhas joined
kokonoehas joined
adityaborikarhas joined
LNJhas left
Nekithas left
Nekithas joined
zachhas left
zachhas joined
Yagizahas left
LNJhas joined
rionhas left
larmahas left
wurstsalat
Ge0rG, there you go, an approximation ;) https://paste.gajim.org/view/22c58cfb
Nekithas left
marc_has left
rionhas joined
larmahas joined
pep.
wurstsalat, 0077 "complete" "no forms support", hmm.
zachhas left
zachhas joined
wurstsalat
That was me not parsing ;)
rionhas left
Ge0rG
Is that rdf file now licensed under gpl3?
Chobbeshas left
Ge0rG
Should I also add the version tags for the specific XEPs?
pep.
yeah that'd be nice, maybe not required though(?)
rionhas joined
marc_has joined
adityaborikarhas left
adityaborikarhas joined
Zash
disco#info to doap? or was this the project that needed the registries to be in order?
pep.
disco#info to doap could help a bit I guess.
rionhas left
zachhas left
zachhas joined
adityaborikarhas left
Chobbeshas joined
Chobbeshas left
Chobbeshas joined
Chobbeshas left
Ge0rG
wurstsalat: Is that rdf file now licensed under gpl3?
zachhas left
zachhas joined
jubalhhas joined
adityaborikarhas joined
zachhas left
zachhas joined
rionhas joined
lovetoxhas joined
j.rhas left
ajhas left
LNJhas left
jubalhhas left
lovetox
hm the tombstone thing where we redirect to another address on destruction of a muc
zachhas left
zachhas joined
lovetox
if i disco such a muc, it has the new address inside <gone>new adress</gone> error condition
lovetox
is this somwhere specified ? or is this something people just do