Jesus Cea wrote: > I think stpeter is talking more in the line of "I'm receiving abusing > traffic from [EMAIL PROTECTED] I don't want to punish ALL @YYYY users. I > rather > prefer to send a control stanza to @YYYY server asking for banning > [EMAIL PROTECTED] traffic to me, giving a reason". The @YYYY server could > sent to > [EMAIL PROTECTED] user an inmediate notification message for each sending try, > like currently we do with the offline message storing (but these > notifications would be sended by the @YYYY server, not the remote one), > dropping the messages locally.
I think I'm talking about something like "Hey YYYY, I am receiving abusing traffic from [EMAIL PROTECTED] I don't want to punish ALL @YYYY users. I am going to bounce stanzas from [EMAIL PROTECTED] with a <not-acceptable/> stanza error with a special application-specific condition. Take that as you please. However if I continue to receive these abusive stanzas, I may send you a <policy-violation/> *stream* error and close the s2s connection." Naturally, if I return a number of error stanzas then I have increased the number of stanzas being exchanged, which (you could argue) induces a multiplication attack. But the origin server now feels the pain as well, and it can take local action based on my abuse reports. That may be some kind of traffic filtering, it may be warning the local user or ending their local session, etc. Right now I'm not as interested in that problem and more interested in the simple matter of abuse reporting. Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature