08.09.2010 08:36, Peter Viskup wrote:
I have evidence of these '40tman_rullez' accounts being created on
jabber.sk server for last weeks.
Most of connections of '40tman_rullez' accounts are made from IPs
188.168.78.102, 188.168.78.162, 81.177.33.11...
But there are also others e.g.:
[email protected]
Most of connections of 'ws_conference_jabber_ru' accounts are made
from IPs 109.169.251.0, 82.146.63.108, 95.67.179.109...
Thank you for the info!
All listed IPs are registered in Russia.
These accounts are probably causing also the increased network
utilization on our server (4Mb/s in peaks).
Let me know if any other information could help you to find the way
how to fight against this. Do you have any recommendation how to
prevent these accounts to be created on our server? I do not like to
implement CAPTCHA nor filtering IPs.
The only way I know is to disable iq:register and provide web-based
registration only (with CAPTCHA). Well, of course, as Yann said, it is
possible to improve in-band registration modules to support CAPTCHA, but
there are too little clients supporting it. Also the good approach is to
register one account per one confirmation email. My bad, but we don't
have such feature on jabber.ru :( Seems like it is the time to implement
it...
--
Regards,
Evgeniy Khramtsov, ProcessOne.
xmpp:[email protected].
