[Operators] Spamming/Bots on XMPP
Marcel Kleinfeller
marcel at oompf.de
Tue Feb 10 05:23:02 UTC 2015
Yes, you can turn on Captchas or limit the number of registrations from one IP within 24 hours.
Captchas also work in-band (ejabberd).
Am 9. Februar 2015 23:11:35 MEZ, schrieb JC Brand <lists at opkode.com>:
>Perhaps a naive question, but is this with a captcha enabled?
>
>On 09 Februarie 2015 10:48:23 nm. CET, Arsimael Inshan <ai at jhml.de>
>wrote:
>>Hello everyone.
>>
>>During the last days/weeks/month I have to deal with a shitloiad of
>>bots, register account after account on my domains.
>>I watched this and found out a good solution: They all register random
>
>>accounts with a 5-7 username like
>>
>>xio5edx at DOMAIN.COM
>>
>>And they come from these IP Addresses:
>>
>>108.59.11.84 web28.webfaction.com
>>109.233.123.48 lumiere.etabeta.it
>>112.198.64.34 112.198.64.34
>>162.251.83.39 vps.manchesterwebhosting.co.uk
>>176.126.252.12 aurora.enn.lu
>>192.220.23.237 enetcr08.securesites.net
>>193.200.173.5 s9.freehost.com.ua
>>193.219.160.2 main.ktc.lt
>>194.0.200.11 194.0.200.11
>>194.126.183.156 1,94126E+11
>>195.70.35.245 x-page.hu
>>198.65.30.250 trgserver1.expressivetek.com
>>208.113.231.237 fir.dreamhost.com
>>208.67.250.171 www.px2online.com
>>209.68.5.179 douhisi.pair.com
>>212.98.187.70 212.98.187.70
>>217.160.253.33 server4shop.de
>>217.196.220.2 kopr.nettle.cz
>>27.109.94.214 27.109.94.214
>>46.37.21.123 host123-21-37-46.serverdedicati.aruba.it
>>49.212.76.195 49.212.76.195
>>50.63.152.96 ip-50-63-152-96.ip.secureserver.net
>>62.183.104.5 www2.astranet.ru
>>64.13.192.11 cl02.gs01.gridserver.com
>>66.135.38.154 server1.shoppinglistexpress.com
>>66.180.162.9 ded1009-lin-162-9.netsonic.net
>>72.3.217.177 72.3.217.177
>>74.80.172.122 122.smart-dns.net
>>81.169.162.116 h1599023.stratoserver.net
>>81.90.37.146 146-37-90-81.rt.cmo.de
>>82.165.137.178 s16554760.onlinehome-server.info
>>82.211.19.143 server5.4pc.eu
>>83.125.28.180 ix-180.myrack.q-nic.de
>>83.144.92.212 mail.brandcomm.pl
>>83.87.37.237 535725ED.cm-6-8a.dynamic.ziggo.nl
>>84.120.254.236 84.120.254.236.dyn.user.ono.com
>>85.152.33.147 cm-staticIP-85-152-33-147.telecable.es
>>85.196.241.198 dmbackup.stv.ee.241.196.85.in-addr.arpa
>>91.223.240.83 91.223.240.83
>>93.176.82.58 93.176.82.58
>>94.75.112.152 94.75.112.152
>>96.56.83.114 webmail4.mbi-inc.com
>>
>>
>>I allready cleared this list from TOR exit nodes and random enduser
>>connections, but these IP Addresses are the main part. I had nearly
>15k
>>
>>registrations in the last month just from those addresses.
>>I allready wrote to the Admins of these domains/Servers, informing
>tham
>>
>>that there are bots on their servers.
>>
>>Anyone else having problems with spammers lately?
>>
>>--
>>A. Inshan
>>IT-Consultant
>>
>>email: ai at jhml.de
>>web: https://www.it-native.de (german)
>>-----------------------------------------------------------------
>>This e-mail may contain confidential and/or privileged
>>Informations. If you are not the intended recipient, please
>>immediately inform the sender and delete this mail. Any
>>unauthorized copying, disclosure or distribution of this Mail
>>is not allowed.
>>-----------------------------------------------------------------
>
>--
>Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail
>gesendet.
--
Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/operators/attachments/20150210/aa055b11/attachment.html>
More information about the Operators
mailing list