[Operators] Annoying spam
Valerian Saliou
valerian at valeriansaliou.name
Tue Nov 10 18:40:40 UTC 2015
Those guys might be using the public VJUD directory services. A chunked search on username > a* ; then b* - to z* + number* might help them gathering a massive amount of JIDs.
I don’t see any major issue in setting up a bot that crawls a public list of servers, such as XMPP.net, discovering the server’s services, picking up those offering a VJUD and then searching for chunks on those VJUDs. Boom, that’s a list of JIDs to spam, there’s no easier way.
I’ll temporary close down Jappix.com VJUD as a preventive attempt to mitigate this ; but the addresses already leaked - at least those of people who explicitly chose to appear in the list (default is “do not appear").
If I recall well, ejabbed’s VJUD lists all users by default, unrespectful of any personal choice (whether to appear in directory / or not). Jappix.com is not using ejabbed but my account (which is being spammed) appears in the directory. It would be great to get more insights about that (whether some people not appearing in a targeted server’s VJUD also get spammed or not).
Cheers,
--
Valerian Saliou
Crisp Communications
Looking for my contact details?
On November 10, 2015 at 6:20:20 PM, Sam Whited (sam at samwhited.com) wrote:
On Tue, Nov 10, 2015 at 11:02 AM, Peter Saint-Andre <peter at andyet.net> wrote:
> I wonder why this has changed recently (aside from the usual story about the
> economics of spam). How are these XMPP addresses being gathered? Are they
> merely being guessed at, or is there something more nefarious going on? For
> example, although this is pure speculation: are there servers on the network
> that are leaking JIDs?
There also seems to have been an uptick in a number of non-commercial
but still somewhat spammy users (I hesitate to say, "trolls", but it
may be accurate) in some of the various common XSF/software related
rooms many of us idle in. Of course, the two may not have anything to
do with one another (or I may just be imagining it and it's really
it's just one or two very vocal users), but I wonder if there was some
media coverage or something that's causing an influx in the network.
Have any public server operators noticed a spike in registrations over
the last few weeks?
—Sam
--
Sam Whited
pub 4096R/54083AE104EA7AD3
https://blog.samwhited.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/operators/attachments/20151110/b300603a/attachment-0001.html>
More information about the Operators
mailing list