On 12/21/09 12:00 PM, Matthew Wild wrote: > 2009/12/21 Jesse Thompson <[email protected]>: >> On 12/21/2009 12:39 PM, Badlop wrote: >>>> On 2009/12/21, at 18:23, Jesse Thompson wrote: >>>>> We currently do not publish SRV records for our muc service in our >>>>> domains, which effectively keeps external users out of our rooms. >>> The change pointed by Pedro is simple, replace: >> <snip> >> >> Thanks for the tip. >> >> If we keep the configuration the same and we publish in DNS, how likely is >> it that spammers and trolls will abuse our rooms? >> > > How likely is it that it's going to rain tomorrow? A lot of people > think they might know, but probably the only certain thing is that it > will happen at some point :) > > Think about it from the ground up... where will the spammer find your > server/conference address? If it's public and in some list then it's > certainly going to happen sooner or later (we've already seen it on > jabber.org). It's not very common, but it happens every now and then. > > If your server isn't so easy to find then perhaps you'll be safe for a > while, who knows? :)
Also, you can typically configure rooms so that they are not published in disco#items (or do that by default for all rooms at your service). Then, even if someone can join a room from another domain, they won't know which rooms to join unless you publicize a specific room address. Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
