Re: XMPP SPAM
Simon Josefsson writes: > I'm running my own jabberd2 server since a couple of months. For the > past 2-3 weeks I've been starting to receive XMPP spam (a couple of > times per week). Is there some configuration that could help here, or > do how people handle this? Sample s2s log output below (IP and hostname > of spammer de-identified; josefsson.org is my domain, jabber.spammer.net > is the remote server). I wonder if greylisting could help. I almost never receive incoming jabber messages from people that I don't already have on a roster. So a delay of 30m would be ok for new presence requests. But I realize that kind of breaks the I in IM. Another thought is an IP-address-based RBL, like the ones used for spam. signature.asc Description: PGP signature
Re: XMPP SPAM
Sergio Durigan Junior writes: > On Monday, November 09 2015, Simon Josefsson wrote: > >> I'm running my own jabberd2 server since a couple of months. For the >> past 2-3 weeks I've been starting to receive XMPP spam (a couple of >> times per week). Is there some configuration that could help here, or >> do how people handle this? Sample s2s log output below (IP and hostname >> of spammer de-identified; josefsson.org is my domain, jabber.spammer.net >> is the remote server). > > fail2ban is a good solution for this. What would the rule to detect spam be? Perhaps I would want spamassassin (or something similar) to be run on the content, and after that trigger a fail2ban rule. I haven't been able to find any guides on doing this out there though. /Simon signature.asc Description: PGP signature
Re: XMPP SPAM
On Monday, November 09 2015, Simon Josefsson wrote: > I'm running my own jabberd2 server since a couple of months. For the > past 2-3 weeks I've been starting to receive XMPP spam (a couple of > times per week). Is there some configuration that could help here, or > do how people handle this? Sample s2s log output below (IP and hostname > of spammer de-identified; josefsson.org is my domain, jabber.spammer.net > is the remote server). fail2ban is a good solution for this. -- Sergio GPG key ID: 237A 54B1 0287 28BF 00EF 31F4 D0EB 7628 65FC 5E36 Please send encrypted e-mail if possible http://sergiodj.net/ signature.asc Description: PGP signature
Re: XMPP SPAM
Dnia 2015-11-09, pon o godzinie 21:18 +0100, Simon Josefsson pisze: > how people handle this? My solution is: # firewall-cmd --permanent --add-rich-rule="rule family=ipv4 source address=193.105.240.126 reject" -- /o__ Is truth not truth for all? (_<^' the Sky", stardate 5476.4. signature.asc Description: This is a digitally signed message part