[Operators] Spammy servers

Kevin Smith kevin at kismith.co.uk
Fri Mar 1 17:42:38 UTC 2013


The ongoing discussions about Google having had to (temporarily?)
impose a blanket block on sub requests has reminded me that I meant to
post.

A few weeks ago a service I admin was attacked over S2S by flooders
(MUC room attacks).

As far as I can tell, the flooders had produced scripts to
autoregister accounts on servers that have unprotected registrations,
use them to spam a few messages each and presumably then throw the
accounts away. I've had to block all of the following servers for
having unprotected signups - other admins can use or ignore this
information as they wish, but if any admins of these servers are
following the list, please effect some protection against this abuse -
i.e. disable unprotected IBR. As well as knowing when it's safe to
start unblocking these servers, I'd be interested to hear what steps
people are generally taking to prevent abuse from their accounts,
especially if they run services that allow public signup.

12jabber.com
abber.linux.it
brauchen.info
deshalbfrei.org
headcounter.org
im.apinc.org
jabber.ccc.de
jabber.com.ua
jabber.fr
jabber.justlan.ru
jabber.linux.it
jabber.murom.net
jabber.ozerki.net
jabber.rdtc.ru
jabber.sk
jabber.snc.ru
jabber.tcweb.org
jabber.wiretrip.org
jabbernet.dk
jid.pl
jwchat.org
kofeina.net
myjid.eu
silper.cz
skyjabber.ru
swissjabber.eu
swissjabber.li
syriastars.com
xmpp.us

/K


More information about the Operators mailing list