Hi, in case anyone is using ejabberd2 and/or possibly MongooseIM (haven't tested this), here is a quick and dirty way to identify those gmail spammers by checking roster subscriptions:
io:format("~p", [
lists:reverse(lists:keysort(2,
[{element(3, hd(R)), length(R)} ||
R <- [mnesia:dirty_index_read(roster, U, us) ||
U <- ejabberd_auth:get_vh_registered_users("VHOST")
],
length(R) > 5,
length(lists:filter(fun(X) -> case element(4, X) of
{_, "gmail.com", _} ->
case element(7, X) of
out -> true;
none -> true;
_ -> false
end;
_ -> false
end
end, R)) > length(R) * 0.95]
))
]).
Replace VHOST with your virtual host.
What this actually does (and yes, I know it's neither performant nor
really beautiful) is to identify users where the roster consists of more
than 95 percent entries targetting gmail.com and are not accepted by the
respective users. In order to be included in this list, the roster has
to have at least 5 entries.
The output list entries are of the following format:
{{username, host}, count_of_items_in_roster}
I hope this helps a few people out there.
a!
PS: If you don't know how to get an Erlang shell please have a look at:
http://www.ejabberd.im/tricks#shell
--
aszlig
signature.asc
Description: Digital signature
