subject:"Re\: XMPP SPAM"

Re: XMPP SPAM

2015-11-10 Thread Simon Josefsson

Sergio Durigan Junior  writes:

> On Monday, November 09 2015, Simon Josefsson wrote:
>
>> I'm running my own jabberd2 server since a couple of months.  For the
>> past 2-3 weeks I've been starting to receive XMPP spam (a couple of
>> times per week).  Is there some configuration that could help here, or
>> do how people handle this?  Sample s2s log output below (IP and hostname
>> of spammer de-identified; josefsson.org is my domain, jabber.spammer.net
>> is the remote server).
>
> fail2ban is a good solution for this.

What would the rule to detect spam be?  Perhaps I would want
spamassassin (or something similar) to be run on the content, and after
that trigger a fail2ban rule.  I haven't been able to find any guides on
doing this out there though.

/Simon

signature.asc
Description: PGP signature

Re: XMPP SPAM

2015-11-10 Thread Greg Troxel

Simon Josefsson  writes:

> I'm running my own jabberd2 server since a couple of months.  For the
> past 2-3 weeks I've been starting to receive XMPP spam (a couple of
> times per week).  Is there some configuration that could help here, or
> do how people handle this?  Sample s2s log output below (IP and hostname
> of spammer de-identified; josefsson.org is my domain, jabber.spammer.net
> is the remote server).

I wonder if greylisting could help.  I almost never receive incoming
jabber messages from people that I don't already have on a roster.  So a
delay of 30m would be ok for new presence requests.  But I realize that
kind of breaks the I in IM.

Another thought is an IP-address-based RBL, like the ones used for spam.

signature.asc
Description: PGP signature

Re: XMPP SPAM

2015-11-09 Thread Tomasz Sterna

Dnia 2015-11-09, pon o godzinie 21:18 +0100, Simon Josefsson pisze:
> how people handle this?

My solution is:
# firewall-cmd --permanent --add-rich-rule="rule family=ipv4 source 
address=193.105.240.126 reject"


-- 
 /o__ Is truth not truth for all?
(_<^'  the Sky", stardate 5476.4.



signature.asc
Description: This is a digitally signed message part

Re: XMPP SPAM

2015-11-09 Thread Sergio Durigan Junior

On Monday, November 09 2015, Simon Josefsson wrote:

> I'm running my own jabberd2 server since a couple of months.  For the
> past 2-3 weeks I've been starting to receive XMPP spam (a couple of
> times per week).  Is there some configuration that could help here, or
> do how people handle this?  Sample s2s log output below (IP and hostname
> of spammer de-identified; josefsson.org is my domain, jabber.spammer.net
> is the remote server).

fail2ban is a good solution for this.

-- 
Sergio
GPG key ID: 237A 54B1 0287 28BF 00EF  31F4 D0EB 7628 65FC 5E36
Please send encrypted e-mail if possible
http://sergiodj.net/


signature.asc
Description: PGP signature

Re: XMPP SPAM

Re: XMPP SPAM

Re: XMPP SPAM

Re: XMPP SPAM

4 matches

Site Navigation

Mail list logo

Footer information