On Thu, Mar 21, 2013 at 2:03 PM, Maxim Ignatenko <[email protected]> wrote: > On 21 March 2013 13:44, Jesse Thompson <[email protected]> wrote: >> On 3/20/2013 6:09 PM, Peter Viskup wrote: >>> Did anybody performed some investigation and proved which servers are >>> used for these attacks and if all of them are IBR-enabled? I'm not aware >>> of anybody - didn't see list of the servers. >> >> Apparently not. > > jabber.kiev.ua have IBR enabled and protected by CAPTCHA.
Interestingly (or maybe not) jabber.kiev.ua wasn't on the list of servers I sent out that I'd see automated MUC attacks from. I guess we need protection both from automated attacks and from manual ones. Disabling automated IBR only protects (partially) against the automated ones. The 300 number is interesting - I wonder why they did that. Do you have any information about these subscriptions? Did they seem to be to randomly generated users on gmail? Did they contain messages? /K
