Many server sessions, many more active / current conversations < 1 min

I have server to server communication enabled, unsurprisingly I see many connections to our Openfire (4.0.3) server from unfamiliar servers. I’m unsure what they’re actually doing?

They seem to be facilitating conversations, with users in our domain who have never logged in to our Openfire instance. The conversations ( ~ 100+) all say < 1 min with 1 message and occasionally the domain user in our domain in the conversation doesn’t follow our JID format, e.g. is first.last@domain.com instead of uid@domain.com.

Is this peering? What is it?

Another piece of info I don’t think is relevant, our org is a Google apps user, anyone in that ecosystem, using Gmail for example, is referred to the Google apps XMPP endpoints for our domain, even though our actual DNS XMPP entries point to our Openfire instance. E.g. Other users in Google land are told to talk to our Google users via Google’s infrastructure and not use actual DNS.

Thanks for any info!

sg

Does anyone have any ideas on what all these connections are for?

I am wondering if they are somehow able to appear (to others) to be coming from our server?

The connected servers look mostly to be free public sites offering shells, jabber, etc.

jabber.foss.ntua.gr

jabber.rosaelefanten.org

librenet.uy

jabber.tanjeff.net

jabber.network

Thanks for any info!!

sg