[Operators] Annoying spam

Valerian Saliou valerian at valeriansaliou.name
Tue Nov 10 18:40:40 UTC 2015


Those guys might be using the public VJUD directory services. A chunked search on username > a*; then b* - to z* + number* might help them gather a massive amount of JIDs.

I don’t see any major issue in setting up a bot that crawls a public list of servers, such as XMPP.net, discovering the server’s services, picking up those offering a VJUD and then searching for chunks on those VJUDs. Boom, that’s a list of JIDs to spam, there’s no easier way.

I’ll temporarily close down Jappix.com VJUD as a preventive attempt to mitigate this; but the addresses already leaked - at least those of people who explicitly chose to appear in the list (default is “do not appear”).

If I recall well, ejabberd’s VJUD lists all users by default, irrespective of any personal choice (whether to appear in directory / or not). Jappix.com is not using ejabberd but my account (which is being spammed) appears in the directory. It would be great to get more insights about that (whether some people not appearing in a targeted server’s VJUD also get spammed or not).

Cheers,

--

Valerian Saliou
Crisp Communications

Looking for my contact details?

On November 10, 2015 at 6:20:20 PM, Sam Whited (sam at samwhited.com) wrote:

On Tue, Nov 10, 2015 at 11:02 AM, Peter Saint-Andre <peter at andyet.net> wrote:  
> I wonder why this has changed recently (aside from the usual story about the  
> economics of spam). How are these XMPP addresses being gathered? Are they  
> merely being guessed at, or is there something more nefarious going on? For  
> example, although this is pure speculation: are there servers on the network  
> that are leaking JIDs?  

There also seems to have been an uptick in a number of non-commercial  
but still somewhat spammy users (I hesitate to say, "trolls", but it  
may be accurate) in some of the various common XSF/software related  
rooms many of us idle in. Of course, the two may not have anything to  
do with one another (or I may just be imagining it and it's really  
just one or two very vocal users), but I wonder if there was some  
media coverage or something that's causing an influx in the network.  

Have any public server operators noticed a spike in registrations over  
the last few weeks?  

—Sam  



--  
Sam Whited  
pub 4096R/54083AE104EA7AD3  
https://blog.samwhited.com  
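
Added example, not part of the original message or of any server's code: one way an operator could spot the chunked a*, b*, ... z*, number* directory sweep described above in a VJUD search log. The log format (timestamp, requester JID, field, pattern), the sample lines, the JIDs and the window and threshold values are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta
import re

# Assumed policy: a wildcard search on a 1-2 character prefix ("a*", "7*")
# counts as one enumeration-style chunk.
CHUNK_RE = re.compile(r"^([a-z0-9]{1,2})\*$", re.IGNORECASE)

def parse_line(line):
    """Parse 'ISO-timestamp requester-JID field pattern' (constructed format)."""
    ts, requester, field, pattern = line.split()
    return datetime.fromisoformat(ts), requester, field, pattern

def find_sweepers(lines, window=timedelta(minutes=10), threshold=8):
    """Return {requester: sorted distinct prefixes} for every requester that
    searched >= threshold distinct short prefixes within any single window."""
    events = defaultdict(list)
    for line in lines:
        ts, requester, field, pattern = parse_line(line)
        m = CHUNK_RE.match(pattern)
        if field == "user" and m:
            events[requester].append((ts, m.group(1).lower()))
    flagged = {}
    for requester, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans <= window.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            if len({p for _, p in evs[start:end + 1]}) >= threshold:
                flagged[requester] = sorted({p for _, p in evs})
                break
    return flagged

def sample_log():
    """Constructed log: one sweeping requester, one ordinary user."""
    base = datetime(2015, 11, 10, 18, 0, 0)
    lines = [
        f"{(base + timedelta(seconds=20 * i)).isoformat()} crawler@example.net user {ch}*"
        for i, ch in enumerate("abcdefghij")
    ]
    lines.append(f"{base.isoformat()} alice@example.org user bob*")  # specific lookup
    lines.append(f"{(base + timedelta(minutes=3)).isoformat()} alice@example.org user j*")
    lines.append(f"{(base + timedelta(hours=2)).isoformat()} alice@example.org user s*")
    return lines

if __name__ == "__main__":
    print(find_sweepers(sample_log()))
```

Flagged requesters are candidates for rate limiting or blocking at the directory service; the thresholds need tuning against real search traffic.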