Current 2.6.0 release has some kind of bug, that allows ANONYMOUS login
even when sasl.anonymous is disabled in c2s.xml.
Yesterday I noticed, that spammers are using this bug to send spam via
my server, using ANONYMOUS logins.
I am working on a fix.
This mail is to serve as a warning.
I've been
It is time for next jabberd2 release.
Get 2.6.1 release at GitHub:
https://github.com/jabberd2/jabberd2/releases
This is a security bugfix release.
Make sure to read the NEWS before upgrade:
https://github.com/jabberd2/jabberd2/blob/jabberd-2.6.1/NEWS
This release fixes a bug allowing anyone