[Operators] Strange registrations
ctofur at gmail.com
Fri Mar 27 15:06:06 CDT 2009
Not that I have used it, it appears this project is promising and has what
is needed to authenticate as an admin for the bare minimum to send a XEP
This wiki page is not complete but it give you a good start to a library
list for XMPP
If the library of your picking does not supply a function to register/add
new users. All the libraries allow for authentication, which your script
can AUTH with the server as an admin. Then send this raw message,
substituting the appropriate variables.
<iq type="set" to="$server" id="ab5ea" >
<command xmlns="http://jabber.org/protocol/commands" node="
<x xmlns="jabber:x:data" type="submit" >
<field type="hidden" var="FORM_TYPE" >
<field type="jid-single" var="accountjid" >
<field type="text-private" var="password" >
<field type="text-private" var="password-verify" >
Fairly easy task then it comes down to it.... Maybe I should make it..?..?..
On Fri, Mar 27, 2009 at 1:38 PM, Peter Saint-Andre <stpeter at stpeter.im>wrote:
> I agree that we need good web-registration support. Does anyone have a
> good set of pages for this (e.g., PHP)?
> On 3/27/09 9:44 AM, chris johnston wrote:
> > Is it a good idea to disallow registrations of users and force the use
> > of a webpage form that has a human verification method (reCaptha)????
> > Thus bot registrations would have to pass the human verification method
> > of a webpage.
> > It seems like the in-band registration capabilities of XMPP are going to
> > be targeted by bots heavily and there are no strong methods intergrated
> > into major xmpp servers nor clients that stop this issue.
> > I do know ejabberd is working on suppressing SPAM via Group chats using
> > XEP-0158 *CAPTCHA* Forms <http://xmpp.org/extensions/xep-0158.html#muc>
> > Although untill jabber clients support XEP-0158 for in-band user
> > registration I suggest all operators with public servers move to
> > registration via html form with human verification.
> > -Chris
> > On Fri, Mar 27, 2009 at 11:03 AM, Clemens Fries <xmpp at xenoworld.de
> > <mailto:xmpp at xenoworld.de>> wrote:
> > Hi!
> > I, too, got a few of these registrations. I did a quick search for
> > some of the
> > names on the list and discovered that all the surnames used in the
> > nicknames
> > seem to originate from this list:
> > http://cns2.uni.edu/~okane/114/Physicians.txt<http://cns2.uni.edu/%7Eokane/114/Physicians.txt>
> > <http://cns2.uni.edu/%7Eokane/114/Physicians.txt>
> > It may be interesting to hear of anyone got a nickname with a
> > surname that is
> > not on that list. I got only positive matches for the names you
> > provided and
> > for the seven names I had at hand.
> > Might help to single out the 'bad' users. The first names seem to
> > come from a
> > different list ─ there are multiple results if you google for some
> > of the more
> > exotic names.
> > On Friday 27 March 2009 15:05:28 Michael Grigutsch wrote:
> > > Hi!
> > >
> > > It seems as if the registration bots have been improved to use more
> > > ordinary nicknames for the registration. I have some strange
> > registration
> > > the last days, always using $name_$name as nick, e.g.
> > > evangeline_coldsmith, kendal_emrick...
> > >
> > > The accounts are not be used further after registration, some of
> > them were
> > > automatically deleted during daily maintenance as the user never
> > logs in.
> > >
> > > Anyone else noticed that registrations?
> > >
> > > Best regards
> > >
> > > /MiGri
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Operators