[Operators] chatroom flooders

Peter Saint-Andre stpeter at stpeter.im
Fri Jun 22 15:20:15 UTC 2012


On 6/22/12 6:16 AM, Peter Saint-Andre wrote:
> On 6/22/12 4:01 AM, Tim Schumacher wrote:
>> At Thu, 21 Jun 2012 21:00:45 -0700,
>> Ed - 0x1b, Inc. wrote:
>>>
>>> On Thu, Jun 21, 2012 at 9:50 AM, Peter Saint-Andre <stpeter at stpeter.im> wrote:
>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>> Hash: SHA1
>>>>
>>>> It seems that many of those who run multi-user chat services have
>>>> experienced chatroom flooders. What best practices do people have for
>>>> fighting this? It seems the best we can do in real time is change the
>>>> room to moderated so that new flooders can't send messages, but that's
>>>> not a very good solution and we should be able to come up with
>>>> something better. I've been thinking about ways to use entity
>>>> reputation (XEP-0275), but other suggestions are welcome. :)
>>>>
>>>> Peter
>>>>
>>> How about tar-pitting the flooders - like OpenBSD's spamd? (and not
>>> the spam filter spamd)
>>> It has a good feature set. I like that it works out at the firewall.
>>
>> Tarpitting sounds good, the problem I can see that in heated
>> discussion this could also trigger.
>>
>> Another Problem I see with tarpitting is when the flooder joins with
>> 10 or more bots tarpitting would not be very effective.
> 
> And that's what happens.

Does spamd work by blocking IP addresses?

One challenge we have is that we can't block a flooder's JID based on IP
address. All we can do is report the flooder to its "home" server and
ask that server to disable the account or block future registrations
from that IP address. For this we need an incident handling protocol
<http://xmpp.org/extensions/xep-0268.html> and we need it to be widely
implemented and deployed.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/






More information about the Operators mailing list