Interesting post (thanks):
> I suggest that we take this to the 'security' Jabber mailing list.
Is there one - what's the address?
Wouldn't the solution be that all servers and transports have to do some
Public Key based authentication on first connection?
Personally I'm fairly new to messagin
> Is there one - what's the address?
>
> Wouldn't the solution be that all servers and transports have to do some
> Public Key based authentication on first connection?
>
> Personally I'm fairly new to messaging and became interested more from the
> live XML data communications face of Jabber, and
> What I would recommend if you want to protect your users from messages
> of this type is blocking all messages from people not on the roster,
> this should be fairly watertight... Maybe things could be setup so
> that all messages received from users not on the roster are forwarded
> to another
, 2001 10:05 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [JDEV] Kid-safe messaging: [was buddy icons]
> What I would recommend if you want to protect your users from messages
> of this type is blocking all messages from people not on the roster,
> this should be fairly watertight...
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
> Sent: Wednesday, April 11, 2001 5:05 PM
>
> However, even though spam isn't a problem yet on the
> Jabber network, there will come a day when it is does
> become a problem. Once there are enough users of
> Jabb
Agreed. Spam doesn't have to be a problem with jabber or any IM that allows one to
reject messages or even subscription requests from unknowns.
4/11/01 10:43:40 PM, "Neeme Praks" <[EMAIL PROTECTED]> wrote:
>> -Original Message-
>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
>> Se
> Part of the problem is that ICQ numbers are assigned sequentially,
> this is how they can easily target new accounts (the reason that you
> get loads of e-mails requesting you credit card number when you sign up
> for compuserve).
I don't get any SPAM. iCQ (offical client that is) has several o
Actually, I like the thought of rate-limiting. If they can only send two subscription
requests per minute, they would be discouraged from trying to bulk-subscribe. Also, if
they could only resolve two search matches per minute, they would be discouraged from
walking the list and bulk-messaging.
TED]
> Date: Wed, 11 Apr 2001 17:16:42 +0100
> To: <[EMAIL PROTECTED]>
> Subject: Re: [JDEV] Kid-safe messaging: [was buddy icons]
>
>> Part of the problem is that ICQ numbers are assigned sequentially,
>> this is how they can easily target new accounts (the reason that
> Ah, but have you tried downloading and registering an new ICQ account?
Sure
> when you have set it up it's OK, but as soon as you have registered a new
> account within a few seconds you get spam'd!
Not wanting to turn this list into a spam discussion, but I have a very low
iCQ number, and you'
>> -Original Message-
>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
>> Sent: Wednesday, April 11, 2001 5:05 PM
>>
>> However, even though spam isn't a problem yet on the
>> Jabber network, there will come a day when it is does
>> become a problem. Once there are enough users of
> Actually, I like the thought of rate-limiting. If they can only send two
>subscription requests per minute, they would be discouraged from trying to
>bulk-subscribe. Also, if they could only resolve
> two search matches per minute, they would be discouraged from walking the list and
>bulk-mes
>> Ah, but have you tried downloading and registering an new ICQ account?
> Sure
>> when you have set it up it's OK, but as soon as you have registered a new
>> account within a few seconds you get spam'd!
>
> Not wanting to turn this list into a spam discussion, but I have a very low
> iCQ number
On Wednesday, April 11, 2001, at 09:02 AM, Thomas Parslow (PatRat) wrote:
why do you think it will become an issue if the user itself is careful
enough? It definitely isn't easy to guess the account names on Jabber, as it
is the case with ICQ.
But that relies on every user knowing what they're do
Interesting, I think I'd like to implement something along these lines, but
needs pinning down...
> One big vague architectural solution is to establish some kind of "web
> of trust" where transitive buddyhood ([EMAIL PROTECTED] is unknown to me but
> is on one of my buddy's buddy lists) is used
> How about having a way for a client to report a message as spam, it
> could send back an with the message content and sender, then if
> one user or message is reported many times as spam it will start to be
> blocked, have to be thought out well so as to not allow loop holes for
> abuse.
I lik
On Wednesday, April 11, 2001, at 01:17 PM, Todd Bradley wrote:
I like the idea. But what's to stop that user from just creating a new JID?
We might just see a lot of one-time JIDs pop up as happens with email spam
now.
If Jabber really takes off, someone will create a special Jabber server for
17 matches
Mail list logo
