[Operators] Update on spammy invites

Peter Viskup skupko.sk at gmail.com
Wed Mar 20 23:09:01 UTC 2013


On 03/20/2013 07:03 PM, Dave Cridland wrote:
> Peter mentioned ensuring that open registration is blocked - I think 
> that open registration has proved itself our equivalent of open 
> relaying in SMTP, and we need to campaign strongly against this. The 
> majority of servers have no need to support IBR; I think we have to 
> declare this seriously harmful at this point.

Please stop spread this myth. IBR isn't nothing like open relay in SMTP. 
Any web-form based registration isn't solution to this situation. I am 
seeing a lot of automated registrations on my Drupal sites for example.
Did anybody performed some investigation and proved which servers are 
used for these attacks and if all of them are IBR-enabled? I'm not aware 
of anybody - didn't see list of the servers.

> Finally, I'd note that clients themselves can mitigate against 
> subscription request spamming by ensuring that their UIs handle 
> requests in such a way that won't promote spam.

Agree - for example Gajim client has 'Anti-Spam' extension which 
probably can be used as an protection against this (I don't use it/not 
sure about it).

-- 
Peter Viskup


More information about the Operators mailing list