Re: Spim is increasing for debian.org
Quoting Matthew Wild <mwild1@gmail.com>:
There is a basic anti-spam script
bundled with mod_firewall, which will filter out some things.
It's
/usr/lib/prosody/modules/mod_firewall/scripts/spam-blocking.pfw
I assume?
We can just start with this one, but I fear, that the current spam is
immune against it.
Interesting: Last year, regular spam dropped massively and invitation
spam became popular. Now the pendulum swings back.
Repeat
offenders will be listed at https://github.com/JabberSPAM/blacklist
(note, this is new and there are no entries yet).
Server names can be added to the firewall rules, right? Maybe we can
collect suspicious servers in the Debian context and use that for a
while. After all, a false positive is not as harmful as in email,
because validated contacts would work anyway.
[*] blocking all messages from non-contacts is currently an effective
step, though not an ideal one. Currently this can only be configured
server-wide, but I'm looking into making it possible for users to
configure this themselves on a per-account basis.
Yes, we discussed this a long time ago, but "block-strangers" for all
@d.o accounts was not acceptable. A per-user switch would be very nice
and useful!
People who use XMPP on their mobiles are more hurt by spam then those
old-school PC users like myself.
Anyway, let me know if there's anything I can help with.
Yes, any help welcome! E.g. if one of the admins writes a pfw file or
changes the default one, you could review it. And make the per-user
block-strangers happen! :)
Cheers & many thanks!
Reply to: