[ejabberd] Your server is a part of spammer/flood botnet!

Mickaël Rémond mickael.remond at process-one.net
Sun May 4 17:25:26 MSD 2008


Hello,

Please find attached my reply to the operator list.

As a summary, we advise against using SVN version for production  
system. It can do more bad that good, because you are not garanteed  
that the version you will checkout from SVN trunk will even work.

The problem described there is about In Band Registration and is valid  
for all servers: By enablng In Band Registration in your XMPP server,  
you open your server to anyone. This person can be friendly or not.  
That's why we also recommand not to use InBand Registration in the  
current state unless you want to accept anyone without control on your  
server.
The most commonly used way is web registration develop to enforce the  
server policy.
We are also working with Peter Saint Andre to improve those inband  
registration mecanisms.

Read my reply further for details on what to expect with the patches  
and when it will be available in ejabberd 2.0 stable branch.

I hope this helps,

Le 4 mai 08 à 05:24, Peter Saint-Andre a écrit :

> On 05/03/2008 9:05 AM, Anastasia Gornostaeva wrote:
>> Hello.
>>
>> To all admins of ejabberd servers:
>>
>> Please upgrade your ejabberd server up to latest svn version! There  
>> in
>> ejabberd svn is a good patch which limits client registration from  
>> one IP and,
>> can block that IP for some time.
>>
>> Also, in latest SVN there was fixed a serious bug in traffic  
>> shapper in MUC: now
>> nobody can quickly throw a message immediately after entering to a  
>> MUC room.
>>
>> Thanks.
>
> No, thank you!
>
>> p.s to stpeter: if there exists a federation of jabber servers  
>> still, please
>> inform them.
>
> I have forwarded this to the operators at xmpp.org list.
>
> Peter
>
> -- 
> Peter Saint-Andre
> https://stpeter.im/
>
> _______________________________________________
> ejabberd mailing list
> ejabberd at jabber.ru
> http://lists.jabber.ru/mailman/listinfo/ejabberd

-- 
Mickaël Rémond
  http://www.process-one.net/



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jabber.ru/pipermail/ejabberd/attachments/20080504/d08d95df/attachment.htm 


More information about the ejabberd mailing list