[Operators] Update on spammy invites

Kevin Smith kevin at kismith.co.uk
Thu Mar 21 14:08:09 UTC 2013


On Thu, Mar 21, 2013 at 2:03 PM, Maxim Ignatenko <gelraen.ua at gmail.com> wrote:
> On 21 March 2013 13:44, Jesse Thompson <jesse.thompson at doit.wisc.edu> wrote:
>> On 3/20/2013 6:09 PM, Peter Viskup wrote:
>>> Did anybody performed some investigation and proved which servers are
>>> used for these attacks and if all of them are IBR-enabled? I'm not aware
>>> of anybody - didn't see list of the servers.
>>
>> Apparently not.
>
> jabber.kiev.ua have IBR enabled and protected by CAPTCHA.

Interestingly (or maybe not) jabber.kiev.ua wasn't on the list of
servers I sent out that I'd see automated MUC attacks from.

I guess we need protection both from automated attacks and from manual
ones. Disabling automated IBR only protects (partially) against the
automated ones.

The 300 number is interesting - I wonder why they did that. Do you
have any information about these subscriptions? Did they seem to be to
randomly generated users on gmail? Did they contain messages?

/K


More information about the Operators mailing list