[Operators] DDoS attacks against jabber.org
Jesse Thompson
jesse.thompson at wisc.edu
Sat Feb 8 22:32:47 UTC 2014
On 2/7/14, 9:32 AM, David Banes wrote:
> To get back on topic :)
>
> Why don't we work up a top level XSF policy that say's badly behaving
> servers will be blacklisted, and actually run a black list along the
> lines of Spamhaus;
>
> http://www.spamhaus.org
>
> We can then publish the list, make diffs available via a simple API, and
> wrap that in a process allowing blacklisted server/services to get off
> the list. This process sort of works in email land.
>
> Yes we'll have FP's and FN's and yes someone has to build and run it.
> But at least then we're offering something of value to existing and
> potential new XSF members as well as being seen to do something about
> the problem.
>
> All the discussions about how various services and servers manage there
> own traffic, or don't, can be on another list.
I prototyped a DNSBL-based process of allowing clients to query the data
from the XMPP Observatory (not for spam blocking, but rather to allow
servers and clients to get information about the TLS capabilities of
other servers). Different types of data could be hosted by a DNSBL for
different purposes - anti-spam, whitelisting, or whatever - was my
thought for a long term plan.
But alas, too many distractions at $work, so I never found the time to
demonstrate it.
It's not that hard to host a DNSBL, technically. It should be fairly
simple for servers to query it. Logistics is the hard part. Someone
has to figure out the submission and de-listing process and implement a
web app + database. Server hosting costs with DDOS protection is
another consideration.
I'm willing to scrounge together some free cycles if there is interest
in pursuing a community driven effort on a DNSBL.
Jesse
More information about the Operators
mailing list