[Operators] ejabberd CAPTCHA

Peter Saint-Andre stpeter at stpeter.im
Thu Aug 27 14:31:52 CDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 8/27/09 8:12 AM, Fabio Forno wrote:
> On Thu, Aug 27, 2009 at 3:44 PM, Evgeniy Khramtsov<xramtsov at gmail.com> wrote:
>> JFYI, standard ejabberd's CAPTCHA is broken. See
>> http://gentoo.ru/jabber/logs/gentoo@conference.gentoo.ru/2009/08/27.html#12:38:32.873747
>>
> 
> And captchas would be welcome in inband registration too. 

Agreed. We might even consider enabling IBR again at jabber.org if we
have CAPTCHAs.

> I think that
> part of that flood was coming from our server too, since yesterday we
> had a bot registering accounts. We blocked it in few minutes, but it
> was able send a bulk of messages. In ejabberd there is an option for
> limiting the number of registrations per IP, the problem is that in
> our case almost all the clients are natted in large networks

Yes, that is a challenge. :(

Peter

- --
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqW3ygACgkQNL8k5A2w/vy99QCdHFPGH2nsx+MyiMKjT2BUV7Fl
mhQAn1ng+LjnSowcSD96xt9vxBJJgRBP
=gqn3
-----END PGP SIGNATURE-----


More information about the Operators mailing list