[Operators] spam
Georg Lukas
georg at op-co.de
Sat Nov 19 11:44:41 UTC 2016
Hi,
* psjbeisler <psjbeisler at gmail.com> [2016-11-18 20:05]:
> just want to mention ive been getting spam from the following JIDs,
> all in russian, trying to get me to buy stuff.
> just as a PSA if nothing else, if youre the admin please advise, im sure
> theres more.
I've deployed the following mod_firewall rules in prosody to get rid of
the incoming spam messages and to block the backchannel to the spammer
(requires up-to-date prosody-modules to work):
------------------------------------------------------------
# default chain
::deliver
NOT TYPE: groupchat
INSPECT: body
INSPECT: body#~=forum%.benderbay%.com
JUMP_CHAIN=user/abuse
NOT TYPE: groupchat
INSPECT: body
INSPECT: body#~=gidroslonik at 0nl1ne%.at
JUMP_CHAIN=user/abuse
NOT TYPE: groupchat
INSPECT: body
INSPECT: body#~=reklama at jabme%.de
JUMP_CHAIN=user/abuse
NOT TYPE: groupchat
INSPECT: body
INSPECT: body#~=reklama at xabber%.de
JUMP_CHAIN=user/abuse
# packets from local users
::preroute
TO: gidroslonik at 0nl1ne.at
JUMP_CHAIN=user/abuse
TO: reklama at jabme.de
JUMP_CHAIN=user/abuse
TO: reklama at xabber.de
JUMP_CHAIN=user/abuse
# generic block rule
::user/abuse
BOUNCE=not-allowed (Blocked due to abuse)
------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 811 bytes
Desc: Digital signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20161119/c9a7e17e/attachment-0001.sig>
More information about the Operators
mailing list