[Operators] Strange users
mati at fsinf.at
Wed Oct 12 13:51:23 UTC 2011
I have seen something very similar on my server. We had tons of accounts with
usernames of what appeared to be md5sums. They had no contacts EXCEPT they
were using our MSN transports. At the same time I also had registrations with
usernames that were exactly 10 digits (i.e. 0123456789 at jabber.fsinf.at), with
the same behaviour.
I figured this was a spam-problem and deleted all such accounts plus blocked
their registration. Nobody ever complained.
To make a long story short: I think we have a significant spamming problem on
PS: Just for the record, jabber.fsinf.at is *still* on the public list,
despite the fact that it doesn't allow any registrations. jabber.at is still
On Tuesday, October 11, 2011 04:12:13 PM Daniel Fischaleck wrote:
> today I finally managed to upgrade my Openfire server to 3.7.1. After
> reimporting my DB I noticed some strange users like:
> a812bcd6e650610c861b97d05b2ca87bb451e526 the import process said this
> person has 0 persons on his/her roster, but it frequently loggs in, today
> with the IP address 188.8.131.52.
> Another example would be 0c72762fbbc33a933d3f22e646152a868ad5ab64 (there
> are a lot more!)
> Does anyone know what kind user this is? I fear of this person abusing my
> server for some illegal activities. Due to privacy reasons i do not want to
> analyze his traffic.
me on twitter: @mathiasertl | soup: http://soup.er.tl
I only read plain-text mail! I prefer signed/encrypted mail!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 198 bytes
Desc: This is a digitally signed message part.
More information about the Operators