I understand why Google Talk has this policy, so I'm not going to
argue
them out of it. But it does introduce complications.
*Maybe* we need to consider addressing the valid reasons that
Google Talk feels it needs this policy, rather than handling the
symptoms of the policy? Can we solve the real problem? i.e. can we
create enough anti-spim protocols and/or infrastructure to make
Google (and everyone else) confident enough to relax this policy?
How many servers and clients implement privacy lists, or blocklists?
I would guess that's perhaps the reason Google Talk feels they need
this policy, given that they welcome people using other XMPP clients
on their service.
Google Talk is particularly vulnerable as it's a very large target --
arguably one of the most-prominent XMPP servers on the net, if not /
the/ most -- and because a person's Gmail address (readily
harvestable from many places where people post using those) stands a
good chance of being an active Google Talk JID.
Thus, it's potentially a large SPIM target. Many targets, plus the
ready accessibility of harvestable information to put together a list
of probable targets, is like painting a bulls-eye.
By restricting messages to those already on the list, you make it
Just Work, rather than having to rely on client implementations of
blocking.
That would be my guess, anyway. (Sean? Anyone?)
--
Rachel Blackman <[EMAIL PROTECTED]>
Trillian Messenger - http://www.trillianastra.com/
