Hi folks,

Last night we had someone attempt to flood the Prosody chatroom. Our rate limiting kicked in and logged all the JIDs for us, so no real harm was caused to us. That said, I know that some of the originating servers crashed during the flooding, and another server that was a victim of flooding crashed.

The JIDs came from these servers: https://prosody.im/pastebin/4e851d20-c761-4bd7-a587-72dac84ca780 (the numbers reflect the number of JIDs on that server). If you want a full list of JIDs on your server, let me know (hint: they all consist of full-width Unicode characters).

I doubt many of the admins of these servers are on this list, but I know some are. Please tighten your registration if you haven't already. The simplest and easiest solution goes a long way - enable registration throttling.

In ejabberd this is something like:

    {registration_timeout, 3600}.

In Prosody:

    min_seconds_between_registrations = 3600

On a related note I've been working on a project to allow secure web registration for all public servers that opt in. It's nearing completion, and I would like to start beta testing soon. I'm looking for a few initial servers to start with. If you are a public server admin struggling to secure your account registration against spammers and you want to take part in the experiment, please email me off-list and I'll contact you when we're ready.

Regards,
Matthew
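The hint in the message above (localparts made up entirely of full-width Unicode characters) can be turned into a check over a server's own account list. The following is an added example, not part of the original message or of Prosody or ejabberd; it assumes the accounts are available as plain JID strings, and the function names and sample JIDs are constructed for illustration.

```python
import unicodedata
from collections import Counter

def is_fullwidth(text):
    """True if text is non-empty and every character has East Asian Width 'F'."""
    return bool(text) and all(unicodedata.east_asian_width(ch) == "F" for ch in text)

def split_bare_jid(jid):
    """Return (localpart, domain) of a JID, dropping any /resource part."""
    bare = jid.split("/", 1)[0]          # neither localpart nor domain may contain "/"
    local, sep, domain = bare.partition("@")
    if not sep:                          # domain-only JID, no localpart
        return "", bare.lower()
    return local, domain.lower()

def suspicious_by_domain(jids):
    """Count JIDs per domain whose localpart is entirely full-width characters."""
    counts = Counter()
    flagged = []
    for raw in jids:
        jid = raw.strip()
        local, domain = split_bare_jid(jid)
        if is_fullwidth(local):
            counts[domain] += 1
            flagged.append(jid)
    return counts, flagged

# Constructed sample input (not taken from the incident).
SAMPLE_JIDS = [
    "\uff41\uff42\uff43\uff11\uff12\uff13@example.org",  # full-width "abc123"
    "\uff58\uff59\uff5a@example.org/res",                # full-width "xyz" with resource
    "\uff51\uff57\uff45@Example.NET",                    # full-width "qwe", mixed-case domain
    "alice@example.org",                                 # ordinary ASCII account
    "\uff41lice@example.net",                            # mixed scripts, not flagged
    "example.com",                                       # bare domain
]

if __name__ == "__main__":
    counts, flagged = suspicious_by_domain(SAMPLE_JIDS)
    for domain, n in counts.most_common():
        print(f"{n:5d}  {domain}")
```

A hit is a lead for review rather than proof of abuse, since the rule only matches the pattern described in the message.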
