[Operators] [Fwd: [ejabberd] Your server is a part of spammer/flood botnet!]

Florian Jensen admin at flosoft.biz
Sun May 4 09:12:39 CDT 2008


I have the same. Our Web registration form uses CJPHP and uses In Band 
Registration that way.

That what I want to get rid of our spammer: I want to know the IP of 
someone registering / or the latest active IP.

eJabberd 2 shows you the IP of the user via Ad-Hoc if he's logged in, I 
would want to always know his last IP. This way, I, as admin, can 
easially track the users on our Network and enforce filtering policies 
on my Routers or Servers.

I will not disable IBR, but I get an Jabber message every time someone 
registers, so I can tack bot behaviour.

Florian Jensen

Jonathan Schleifer wrote:
> Wijnand Wiersma<wijnand at nedbsd.eu>  wrote:
>
>> And since I don't have time now to create a alternative that means
>> all registrations are disabled now for all my domains.
>
> That's exactly the point I feared, that you don't provide another way.
> And exactly this is bad and lets the attackers win...
>
> How about having a registration page via the internal ejabberd HTTP
> server with captachs and all? That would be a good alternative to IBR.
>


More information about the Operators mailing list