Opened at 2008-05-13T01:40:29Z
Last modified at 2013-01-10T08:08:29Z
#411 new enhancement
Harden bitlbee servers against spammers
| Reported by: | | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | BitlBee | Version: | devel |
| Keywords: | security anti-spam | Cc: | |
| IRC client+version: | Client-independent | Operating System: | Public server |
| OS version/distro: | | | |
Description
Some people seem to be using the public servers for questionable things. We don't want to get our public servers banned because some spammer does a huge spam run with them. Therefore we should think about making bitlbee (public) servers more resistant against abuse. I have a few suggestions:
1) Implement flood protection (per IP, not per connection), so there is a limit on how much stuff a spammer can send from one machine per second.
2) Do the same for messages sent by each bitlbee account.
3) Implement a better access control mechanism, possibly modeled on IRC K:Lines.
4) Provide richer statistics on what each user is doing, so it becomes easier to spot abuse.
What do you guys think? Flood protection used to be implemented per connection, but I dropped it from -daemon because there were too many problems with the implementation and it wasn't necessary at the time.


flooding - how about using iptables? I don't think it manages bandwidth but connections / second: is that good enough?