On 11/10/15 8:30 AM, Simon Josefsson wrote:
Sam Whited <[email protected]> writes:
This doesn't answer the question directly, but I've been keeping a
list of JIDs that I've seen sending spam:
https://bitbucket.org/snippets/SamWhited/rLqKB/spammy-jids
Feel free to add to it (I think you can do that with snippets? If not
I'll move it to a wiki page). I'm probably just going to start
blocking any server that has open registration which doesn't require
at least a captcha.
Thank you. Inspired by your page I created the following page (on
gitlab as I don't want to rely on a non-free service like bitbucket) to
document the JIDs that spammed me.
https://gitlab.com/snippets/10433
Has anyone documented how to use a list like this to ban certain
JIDs/servers? Doing that is probably server-dependent, but still it
might be possible to discuss it generally. There may be opportunity to
create a DNS-based blacklist out of this as well.
Hi Simon,
First, I'm sorry that you (and others) are experiencing spam. On the
Free-RTC list you wrote:
I'm operating my own xmpp/jabber server since a few months ago,
and I have began receiving spam. This seems like a generic
problem affecting anyone operating open/federated xmpp/jabber
servers.
In fact this problem is quite recent - we had essentially no spam on the
XMPP network for 15+ years.
I wonder why this has changed recently (aside from the usual story about
the economics of spam). How are these XMPP addresses being gathered? Are
they merely being guessed at, or is there something more nefarious going
on? For example, although this is pure speculation: are there servers on
the network that are leaking JIDs?
Peter
