[Operators] Spammy servers

Kevin Smith kevin at kismith.co.uk
Sat Mar 2 12:26:32 UTC 2013


On Sat, Mar 2, 2013 at 6:55 AM, LongLine <brainrunner at hotmail.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Am 01.03.2013 18:42, schrieb Kevin Smith:
>> The ongoing discussions about Google having had to (temporarily?)
>> impose a blanket block on sub requests has reminded me that I meant
>> to post.
>>
>> A few weeks ago a service I admin was attacked over S2S by
>> flooders (MUC room attacks).
>>
>> As far as I can tell, the flooders had produced scripts to
>> autoregister accounts on servers that have unprotected
>> registrations, use them to spam a few messages each and presumably
>> then throw the accounts away. I've had to block all of the
>> following servers for having unprotected signups - other admins can
>> use or ignore this information as they wish, but if any admins of
>> these servers are following the list, please effect some protection
>> against this abuse - i.e. disable unprotected IBR. As well as
>> knowing when it's safe to start unblocking these servers, I'd be
>> interested to hear what steps people are generally taking to
>> prevent abuse from their accounts, especially if they run services
>> that allow public signup.
>>
>> 12jabber.com abber.linux.it brauchen.info deshalbfrei.org
>> headcounter.org im.apinc.org jabber.ccc.de jabber.com.ua jabber.fr
>> jabber.justlan.ru jabber.linux.it jabber.murom.net
>> jabber.ozerki.net jabber.rdtc.ru jabber.sk jabber.snc.ru
>> jabber.tcweb.org jabber.wiretrip.org jabbernet.dk jid.pl
>> jwchat.org kofeina.net myjid.eu silper.cz skyjabber.ru
>> swissjabber.eu swissjabber.li syriastars.com xmpp.us
>>
>> /K
>>
>>
> What do you mean by unprotected registrations?
> Which protection does the server list need? I used Openfire.

What protection is needed is really up to admins (indeed, if everyone
did the same it'd probably reduce the effectiveness as a whole), but
the thing that mustn't be done is allowing signup without any
verification that the entity performing the signup is a human. Some
ways this can be done (none of them entirely reliable) are captchas,
text captchas (asking some general knowledge question or similar),
email verifications and what have you.

/K
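The kind of gate described in the reply above, as an added example that is not code from the Operators list, from Openfire or from any other XMPP server: a text-captcha check that an in-band registration (XEP-0077) handler would call when a client asks for the registration form and again when it submits, creating the account only if the second call succeeds. The question bank, the HMAC-signed challenge token, and the per-IP signup throttle are all assumptions made here for illustration; the message only names captchas, text captchas and e-mail verification as options.

```python
"""Text-captcha gate for unauthenticated XMPP signups (in-band registration).

Added example, server-agnostic.  An IBR handler would call
issue_challenge() when a client fetches the registration form and
verify_answer() when it submits; the account is created only on True.
"""
import hashlib
import hmac
import secrets
import time

# Constructed sample question bank.  A small fixed set like this is
# trivially scraped by a flooder; a real deployment needs a large, rotating one.
QUESTIONS = {
    "q1": ("What colour is the sky on a clear day?", "blue"),
    "q2": ("How many legs does a spider have?", "eight"),
    "q3": ("Type the word 'jabber' backwards.", "rebbaj"),
}

CHALLENGE_TTL = 300          # seconds a challenge token stays valid
MAX_SIGNUPS_PER_WINDOW = 3   # successful signups allowed per IP ...
RATE_WINDOW = 3600           # ... within this many seconds (assumed values)


class RegistrationGate:
    def __init__(self, secret=None, clock=time.time):
        self._secret = secret or secrets.token_bytes(32)
        self._clock = clock              # injectable for testing
        self._signups = {}               # ip -> timestamps of successful signups
        self._used_nonces = set()        # one attempt per issued challenge

    def _mac(self, qid, nonce, expires):
        msg = f"{qid}|{nonce}|{expires}".encode()
        return hmac.new(self._secret, msg, hashlib.sha256).hexdigest()

    def issue_challenge(self, ip):
        """Return (question_text, token), or None if the IP is throttled."""
        if self._throttled(ip):
            return None
        qid = secrets.choice(list(QUESTIONS))
        nonce = secrets.token_hex(8)
        expires = int(self._clock()) + CHALLENGE_TTL
        token = f"{qid}.{nonce}.{expires}.{self._mac(qid, nonce, expires)}"
        return QUESTIONS[qid][0], token

    def verify_answer(self, ip, token, answer):
        """True only for a genuine, unexpired, unused token with the right answer."""
        try:
            qid, nonce, expires_s, mac = token.split(".")
            expires = int(expires_s)
        except ValueError:
            return False                 # malformed token
        if not hmac.compare_digest(mac, self._mac(qid, nonce, expires)):
            return False                 # forged or tampered token
        if self._clock() > expires or nonce in self._used_nonces:
            return False                 # stale or replayed token
        self._used_nonces.add(nonce)     # burn it even on a wrong answer: no guessing
        if self._throttled(ip):
            return False
        expected = QUESTIONS.get(qid)
        if expected is None or answer.strip().lower() != expected[1]:
            return False
        self._signups.setdefault(ip, []).append(self._clock())
        return True

    def _throttled(self, ip):
        now = self._clock()
        recent = [t for t in self._signups.get(ip, []) if now - t < RATE_WINDOW]
        self._signups[ip] = recent       # drop timestamps outside the window
        return len(recent) >= MAX_SIGNUPS_PER_WINDOW
```

The token carries its own expiry and nonce under an HMAC, so the server keeps no per-challenge state beyond the set of nonces already spent (pruning that set by expiry is left out here). Burning the nonce on a wrong answer means each challenge allows exactly one guess, and the throttle caps how many accounts one address can create even when the answers are right. As the reply notes, none of this is entirely reliable: a script with a human in the loop, or a scraped answer bank, still gets through, which is why varying the mechanism between servers helps.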

