Jonas, On 2012-02-20 17:41, Jonas Ådahl wrote: > Today my server was bombarded with thousands of subscription requests > from various different XMPP domains[0] resulting in it crashing. Also > with these requests came identical messages[1]. All of the accounts > looks like [random characters]@domain.com such as > [email protected]. Seems like all of the requests were > directed at one user.
Is it possible to draw up a list of accounts that took part in the attack and send those accounts to the corresponding server-admins, at least if they are known? Does anyone know what this subscription message means? > To prevent future attacks of this kind I have enabled functionality > preventing flooding of subscription packets (mod_pres_counter in > ejabberd) and urge others who haven't to do the same. Thats an ejabberd-plugin included in one of the most recent ejabberd versions. All in all capabilities for fighting abusive automated messages are unfortunately very poor in all servers. I really think devs should improve that situation. greetings, Mati -- twitter: @mathiasertl | soup: http://soup.er.tl | xing: Mathias Ertl I only read plain-text mail! I prefer signed/encrypted mail!
smime.p7s
Description: S/MIME Cryptographic Signature
