Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mod_block_strangers shoud bounce instead of silently dropping #2197

Closed
ge0rg opened this issue Jan 2, 2018 · 6 comments · Fixed by #2202
Closed

mod_block_strangers shoud bounce instead of silently dropping #2197

ge0rg opened this issue Jan 2, 2018 · 6 comments · Fixed by #2202
Assignees
@alexeyshch
Milestone
ejabberd 18.01

Comments

@ge0rg
Copy link

ge0rg commented Jan 2, 2018

What version of ejabberd are you using?

17.09 (on a remote server that I'm trying to contact)

What did not work as expected? Are there error messages in the log? What
was the unexpected behavior? What was the expected result?

The server is deploying mod_block_strangers in the default configuration.

Messages sent to (existing) users on that server silently disappear. It is not clear to the sender if the messages are stored in offline storage, if the user just doesn't react, or if the messages are blocked.

Messages sent to non-existing users are bounced with 503 - cancel: Service unavailable.

This imposes two problems:

  • you don't know if your receipient got your message (which is really bad for XMPP, where we struggle with the reliability of message delivery already)
  • it is possible to enumerate user accounts by differentiating between silence and 503 responses.

Please change the behavior of mod_block_strangers to:

  • bounce blocked messages to existing users with an error
  • bounce messages to non-existing accounts with the same error

A naive suggestion would be: policy-violation "Messages from strangers are blocked on this server."
(https://xmpp.org/rfcs/rfc6120.html#stanzas-error-conditions-policy-violation)
@horazont
Copy link

horazont commented Jan 2, 2018

"Account does not exist or rejects messages from strangers" would be a bit more useful for diagnostics while still not giving away any more information.

@badlop
Copy link
Member

badlop commented Jan 3, 2018

I guess something like this. But if it wasn't implemented that way initially, I imagine it was for a good reason...

diff --git a/src/mod_block_strangers.erl b/src/mod_block_strangers.erl
index b2c56f36b..3e0233802 100644
--- a/src/mod_block_strangers.erl
+++ b/src/mod_block_strangers.erl
@@ -65,7 +65,9 @@ filter_packet({#message{from = From} = Msg, State} = Acc) ->
 	false ->
 	    case check_message(Msg) of
 		allow -> Acc;
-		deny -> {stop, {drop, State}}
+		deny ->
+		    ejabberd_router:route_error(Msg, xmpp:err_service_unavailable()),
+		    {stop, {drop, State}}
 	    end;
 	true ->
 	    Acc

@weiss
Copy link
Member

weiss commented Jan 3, 2018

you don't know if your receipient got your message (which is really bad for XMPP, where we struggle with the reliability of message delivery already)

I agree we should return an error message for this reason. But ...

it is possible to enumerate user accounts by differentiating between silence and 503 responses.

Is this really a problem? Assuming mod_offline and/or mod_mam is enabled, you can do the same thing without mod_block_strangers, no? So I don't think we need to bounce messages to non-existing accounts with the same error.

weiss added a commit to weiss/ejabberd that referenced this issue Jan 3, 2018
@weiss
mod_block_strangers: Bounce an error message
031232d 
Return a stanza error when a message is rejected, in order to make
legitimate users aware of the issue.

Closes processone#2197.
@weiss weiss mentioned this issue Jan 3, 2018
Merged
@cromain cromain added this to the ejabberd 18.x milestone Jan 3, 2018
weiss added a commit to weiss/ejabberd that referenced this issue Jan 3, 2018
@weiss
mod_block_strangers: Bounce an error message
8353607 
Return a stanza error when a message is rejected, in order to make
legitimate users aware of the issue.

Closes processone#2197.
@cromain cromain modified the milestones: ejabberd 18.x, ejabberd 18.01 Jan 5, 2018
@ge0rg
Copy link
Author

ge0rg commented Jan 24, 2018

P.S: please don't bounce type=error and let type=groupchat pass through ;-)

@weiss
Copy link
Member

weiss commented Jan 24, 2018

please don't bounce type=error

I don't think we do?

let type=groupchat pass through

I'm not sure we really want that. What's the advantage?

@lock
Copy link

lock bot commented Jun 9, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Jun 9, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@alexeyshch alexeyshch

Labels
None yet
Projects
None yet
Milestone
ejabberd 18.01
Development

Successfully merging a pull request may close this issue.

mod_block_strangers: Bounce an error message weiss/ejabberd
6 participants
@weiss @badlop @ge0rg @horazont @cromain @alexeyshch