[Operators] federated muc

Peter Saint-Andre stpeter at stpeter.im
Mon Dec 21 13:09:11 CST 2009


On 12/21/09 12:00 PM, Matthew Wild wrote:
> 2009/12/21 Jesse Thompson <jesse.thompson at doit.wisc.edu>:
>> On 12/21/2009 12:39 PM, Badlop wrote:
>>>> On 2009/12/21, at 18:23, Jesse Thompson wrote:
>>>>> We currently do not publish SRV records for our muc service in our
>>>>> domains, which effectively keeps external users out of our rooms.
>>> The change pointed by Pedro is simple, replace:
>> <snip>
>>
>> Thanks for the tip.
>>
>> If we keep the configuration the same and we publish in DNS, how likely is
>> it that spammers and trolls will abuse our rooms?
>>
> 
> How likely is it that it's going to rain tomorrow? A lot of people
> think they might know, but probably the only certain thing is that it
> will happen at some point :)
> 
> Think about it from the ground up... where will the spammer find your
> server/conference address? If it's public and in some list then it's
> certainly going to happen sooner or later (we've already seen it on
> jabber.org). It's not very common, but it happens every now and then.
> 
> If your server isn't so easy to find then perhaps you'll be safe for a
> while, who knows? :)

Also, you can typically configure rooms so that they are not published
in disco#items (or do that by default for all rooms at your service).
Then, even if someone can join a room from another domain, they won't
know which rooms to join unless you publicize a specific room address.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6820 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20091221/b735d061/attachment-0001.bin>


More information about the Operators mailing list