[Operators] Annoying spam

Simon Josefsson simon at josefsson.org
Tue Nov 10 19:25:08 UTC 2015


Peter Saint-Andre <peter at andyet.net> writes:

> Hi Simon,
>
> First, I'm sorry that you (and others) are experiencing spam. On the
> Free-RTC list you wrote:
>
>    I'm operating my own xmpp/jabber server since a few months ago,
>    and I have began receiving spam.  This seems like a generic
>    problem affecting anyone operating open/federated xmpp/jabber
>    servers.
>
> In fact this problem is quite recent - we had essentially no spam on
> the XMPP network for 15+ years.

That was my perception as well, so I was surprised when this happened.

> I wonder why this has changed recently (aside from the usual story
> about the economics of spam). How are these XMPP addresses being
> gathered? Are they merely being guessed at, or is there something more
> nefarious going on? For example, although this is pure speculation:
> are there servers on the network that are leaking JIDs?

I had the same thought -- is there a way for a remote server to find out
valid JIDs by talking to my server?  I should put a tcpdump on my server
to see exactly what these spammers are doing.  I had two connections
From different IP addresses before the first spam hit me.

In my case, the JID is the same as my email address, which probably is
common enough for spammers to try it.  I don't recall having published
any XMPP URIs with my JID, so that web crawlers could find it, but that
is another possibility.

Stepping back a bit, why is it even possible to send messages to
arbitrary people without prior authorization?  I naïvely thought that
the anti-spam property in XMPP was based on having to authorize a
presence subscription for other people before they can send me a
messages.  Wouldn't that work?  Yes, of course, spammers can spam me
with request to add them, but that is a low-signal channel and I'm not
likely to accept by random, and if I accidentally do I can remove them
later on.  At least then I don't get 25 lines of spam garbage displayed
on my cell phone.

/Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 472 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/operators/attachments/20151110/c430b869/attachment.sig>


More information about the Operators mailing list