I'm running my own jabberd2 server since a couple of months. For the
past 2-3 weeks I've been starting to receive XMPP spam (a couple of
times per week). Is there some configuration that could help here, or
do how people handle this? Sample s2s log output below (IP and hostname
of spammer de-identified; josefsson.org is my domain, jabber.spammer.net
is the remote server).
/Simon
Mon Nov 9 14:54:20 2015 [notice] [13] [1.2.3.4, port=43000] incoming connection
Mon Nov 9 14:54:20 2015 [notice] [13] [1.2.3.4, port=43000] incoming stream
online (id tbk0g818v3kzf67dr8tehwxcp1q2zbisn3t4cuc8)
Mon Nov 9 14:54:20 2015 [notice] [13] [1.2.3.4, port=43000] incoming stream
online (id x8d4fqvoj95g7i5kr07utc7opflmozr4pns9)
Mon Nov 9 14:54:20 2015 [notice] [13] [1.2.3.4, port=43000] received dialback
auth request for route 'josefsson.org/jabber.spammer.net'
Mon Nov 9 14:54:20 2015 [notice] dns lookup for jabber.spammer.net returned 1
result (ttl 6012)
Mon Nov 9 14:54:20 2015 [notice] [14] [1.2.3.4, port=5269] outgoing connection
for 'jabber.spammer.net'
Mon Nov 9 14:54:20 2015 [notice] [14] [1.2.3.4, port=5269] sending dialback
auth request for route 'josefsson.org/jabber.spammer.net'
Mon Nov 9 14:54:20 2015 [notice] [16] [1.2.3.4, port=39052] incoming connection
Mon Nov 9 14:54:20 2015 [notice] [16] [1.2.3.4, port=39052] incoming stream
online (id fudo3l9ulhoftw3icp50ow4djwmgubla6yyak845)
Mon Nov 9 14:54:20 2015 [notice] [16] [1.2.3.4, port=39052] incoming stream
online (id tlipo11e62236gm233xfp7ln6w8e0d3tzmjnnk2u)
Mon Nov 9 14:54:21 2015 [notice] [16] [1.2.3.4, port=39052] checking dialback
verification from jabber.spammer.net: sending valid
Mon Nov 9 14:54:21 2015 [notice] [14] [1.2.3.4, port=5269] outgoing route
'josefsson.org/jabber.spammer.net' is now valid, TLS negotiated
Mon Nov 9 14:54:21 2015 [notice] [13] [1.2.3.4, port=43000] incoming route
'josefsson.org/jabber.spammer.net' is now valid, TLS negotiated
Mon Nov 9 14:56:20 2015 [notice] [16] [1.2.3.4, port=39052] no dialback started
Mon Nov 9 14:56:20 2015 [notice] [16] [1.2.3.4, port=39052] disconnect,
packets: 1
signature.asc
Description: PGP signature