[Operators] [Fwd: [ejabberd] Your server is a part of spammer/flood botnet!]

Mickaël Rémond mickael.remond at process-one.net
Sun May 4 07:15:34 CDT 2008


I do not see what is the problem with disabling In Band Registration  
on a server you own and how it threaten the XMPP network.
Anyone can run a server.  There are lots of free public servers.
Some have web registration with a specific process: you have to accept  
usage conditions or provide email address or read a captcha, etc.
We need to have a registration mecanism that works inband and allow  
server owner to customize it to fit their process and policy. Right  
now the only IBR process available is create an account without asking  
anything to anyone that ask for one, including bots. This is a bit  
limited and that's why we need to work with Peter or something better.

I think is it is good for the XMPP network if server admins cares of  
usage policy and agree that not all thing can be done on their server.
It is "administering" the server (making sure it works well, that  
behaviour are appropriate, etc)

Mickaël Remond

Le 4 mai 08 à 13:51, Jonathan Schleifer <js-xog at webkeks.org> a écrit :

> Wijnand Wiersma <wijnand at nedbsd.eu> wrote:
>> For now I will disable registrations.
> Don't. That would make the XMPP network vulnerable to attackers. That
> might be exactly what they want to reach.
> -- 
> Jonathan

More information about the Operators mailing list