Software / code / prosody-modules
Changeset
6063:b04518fa0987
mod_report_tracker: Keep track of spam/abuse reports about local JIDs
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Mon, 25 Nov 2024 13:12:20 +0000 |
| parents | 6062:fb2ba31a4e26 |
| children | 6064:765e0235c202 |
| files | mod_report_tracker/README.markdown mod_report_tracker/mod_report_tracker.lua |
| diffstat | 2 files changed, 105 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_report_tracker/README.markdown Mon Nov 25 13:12:20 2024 +0000 @@ -0,0 +1,32 @@ +--- +labels: +- 'Stage-Alpha' +summary: 'Track abuse/spam reports from remote servers' +--- + +This module tracks reports received from remote servers about local user +accounts. The count of reports and the servers they came from is stored for +inspection by the admin or for use by other modules which might take action +against the reported accounts. + +## Configuration + +### Trusted reporters + +You can configure which servers the module will trust reports from: + +``` +trusted_reporters = { "example.com", "example.net" } +``` + +Reports from non-domain JIDs are currently always ignored (even if listed). + +Reports from domain JIDs which are not listed here are logged so the admin +can decide whether to add them to the configured list. + +## Compatibility + +Should work with 0.12, but has not been tested. + +Tested with trunk (2024-11-22). +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_report_tracker/mod_report_tracker.lua Mon Nov 25 13:12:20 2024 +0000 @@ -0,0 +1,73 @@ +local um = require "core.usermanager"; +local jid = require "util.jid"; + +local trusted_reporters = module:get_option_inherited_set("trusted_reporters", {}); + +local reports_received = module:open_store("reports_received"); + +local xmlns_reporting = "urn:xmpp:reporting:1"; + +local function is_trusted_reporter(reporter_jid) + return trusted_reporters:contains(reporter_jid); +end + +function handle_report(event) + local stanza = event.stanza; + local report = stanza:get_child("report", xmlns_reporting); + if not report then + return; + end + local reported_jid = report:get_child_text("jid", "urn:xmpp:jid:0") + or stanza:find("{urn:xmpp:forward:0}forwarded/{jabber:client}message@from"); + if not reported_jid then + module:log("debug", "Discarding report with no JID"); + return; + elseif jid.host(reported_jid) ~= module.host then + module:log("debug", "Discarding report about non-local user"); + return; + end + + local reporter_jid = stanza.attr.from; + if jid.node(reporter_jid) then + module:log("debug", "Discarding report from non-server JID"); + return; + end + + local reported_user = jid.node(reported_jid); + if not um.user_exists(reported_user, module.host) then + module:log("debug", "Discarding report about non-existent user"); + return; + end + + if is_trusted_reporter(reporter_jid) then + local current_reports = reports_received:get(reported_user, reporter_jid); + + if not current_reports then + current_reports = { + first = os.time(); + last = os.time(); + count = 1; + }; + else + current_reports.last = os.time(); + current_reports.count = current_reports.count + 1; + end + + reports_received:set(reported_user, reporter_jid, current_reports); + + module:log("info", "Received abuse report about <%s> from <%s>", reported_jid, reporter_jid); + + module:fire_event(module.name.."/account-reported", { + report_from = reporter_jid; + reported_user = reported_user; + report = report; + }); + else + module:log("warn", "Discarding abuse report about <%s> from untrusted source <%s>", reported_jid, reporter_jid); + end + + -- Message was handled + return true; +end + +module:hook("message/host", handle_report);
