[Operators] Rosters flood

Peter Viskup skupko.sk at gmail.com
Wed Sep 8 08:14:41 CST 2010


Small correction in regexp:
"^(40tman_rullez|ws_conference_jabber_ru)"
and the name in access rule should be jabber_sk_bad_users of course.

On Wed, Sep 8, 2010 at 9:47 AM, Peter Viskup <skupko.sk at gmail.com> wrote:

> I configured restriction for account creation based on regexp and filter
> these account names.
> I think administrators of other affected jabber servers should follow this
> approach.
>
> {acl, jabber_sk_bad_users, {user_regexp,
> "^[40tman_rullez,ws_conference_jabber_ru]", "jabber.sk"}}.
> {access, register_jabber_sk, [{deny, bad_users}, {allow, all}]}.
> I will remove all existing 40tman_rullez and ws_conference_jabber_ru
> accounts on jabber.sk that these will not be used any more.
>
> Regards,
> --
> Peter Viskup
> xmpp: skupko at jabber.sk
>
> On Wed, Sep 8, 2010 at 6:39 AM, Evgeniy Khramtsov <xramtsov at gmail.com>wrote:
>
>> 08.09.2010 08:36, Peter Viskup wrote:
>>
>>> I have evidence of these '40tman_rullez' accounts being created on
>>> jabber.sk server for last weeks.
>>> Most of connections of '40tman_rullez' accounts are made from IPs
>>> 188.168.78.102, 188.168.78.162, 81.177.33.11...
>>>
>>> But there are also others e.g.:
>>> ws_conference_jabber_ru41odk__n at jabber.sk
>>> Most of connections of 'ws_conference_jabber_ru' accounts are made from
>>> IPs 109.169.251.0, 82.146.63.108, 95.67.179.109...
>>>
>>>
>> Thank you for the info!
>>
>>
>>  All listed IPs are registered in Russia.
>>> These accounts are probably causing also the increased network
>>> utilization on our server (4Mb/s in peaks).
>>>
>>> Let me know if any other information could help you to find the way how
>>> to fight against this. Do you have any recommendation how to prevent these
>>> accounts to be created on our server? I do not like to implement CAPTCHA nor
>>> filtering IPs.
>>>
>>>
>> The only way I know is to disable iq:register and provide web-based
>> registration only (with CAPTCHA). Well, of course, as Yann said, it is
>> possible to improve in-band registration modules to support CAPTCHA, but
>> there are too little clients supporting it. Also the good approach is to
>> register one account per one confirmation email. My bad, but we don't have
>> such feature on jabber.ru :( Seems like it is the time to implement it...
>>
>>
>> --
>> Regards,
>> Evgeniy Khramtsov, ProcessOne.
>> xmpp:xram at jabber.ru <xmpp%3Axram at jabber.ru>.
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/operators/attachments/20100908/5d627fee/attachment-0001.htm>


More information about the Operators mailing list