[Operators] [Fwd: [ejabberd] Your server is a part of spammer/flood botnet!]
Florian Jensen
admin at flosoft.biz
Sun May 4 09:12:39 CDT 2008
I have the same. Our Web registration form uses CJPHP and uses In Band
Registration that way.
That what I want to get rid of our spammer: I want to know the IP of
someone registering / or the latest active IP.
eJabberd 2 shows you the IP of the user via Ad-Hoc if he's logged in, I
would want to always know his last IP. This way, I, as admin, can
easially track the users on our Network and enforce filtering policies
on my Routers or Servers.
I will not disable IBR, but I get an Jabber message every time someone
registers, so I can tack bot behaviour.
Florian Jensen
Jonathan Schleifer wrote:
> Wijnand Wiersma<wijnand at nedbsd.eu> wrote:
>
>> And since I don't have time now to create a alternative that means
>> all registrations are disabled now for all my domains.
>
> That's exactly the point I feared, that you don't provide another way.
> And exactly this is bad and lets the attackers win...
>
> How about having a registration page via the internal ejabberd HTTP
> server with captachs and all? That would be a good alternative to IBR.
>
More information about the Operators
mailing list