[Operators] [Fwd: [ejabberd] Your server is a part of spammer/flood botnet!]

[Jonathan Schleifer]

Mickaël Rémond <mickael.remond at process-one.net> wrote:

> I do not see what is the problem with disabling In Band Registration  
> on a server you own and how it threaten the XMPP network.
> Anyone can run a server. 

I wasn't talking about IBR, but about disabling registration at all.
Providing a web registration with captcha is just fine.

> We need to have a registration mecanism that works inband and
> allow server owner to customize it to fit their process and policy.

I agree, that would be the ideal solution.

> Right now the only IBR process available is create an account without
> asking anything to anyone that ask for one, including bots. This is a
> bit limited and that's why we need to work with Peter or something
> better.

With current IBR, it would be possible to show an URL to a captcha and
add a field in which you have to type it's value. Not ideal, though.

> I think is it is good for the XMPP network if server admins cares of  
> usage policy and agree that not all thing can be done on their server.
> It is "administering" the server (making sure it works well, that  
> behaviour are appropriate, etc)

Of course, but disabling registration at all isn't a good idea, if all
servers do that, we have a problem.

-- 
Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
Url : http://mail.jabber.org/pipermail/operators/attachments/20080504/92ba63c3/attachment.pgp