Hi,

just to add some (controversial) points to the SPAM debate:

The XSNDR spam is ridiculously easy to filter with some heuristics
(and prosody's mod_firewall). I'm blocking north of 10K messages per
day on yax.im. If you are still getting spam from XSNDR, your server
operator needs some urgent help.

I think IBR and presence/roster subscription as general mechanisms are
too important for XMPP to lock them down, and any lockdown will make
XMPP even harder to use. We need to make the right trade-off between
spam fighting and general usability.

The biggest problem, right now, is: most server operators don't care (or
don't know) about the SPAM emitted by their servers. First, we need to
make our servers secure by default:

a) Throttle per-IP IBR attempts

b) Throttle outgoing presence/messages from "new" clients

c) Improve methods for automatic s2s reporting:
   - mandatory server operator JID publishing
   - automatic way to report and handle spammer IBR accounts

d) Improve ingress s2s spam detection / blocking (I'm currently
throttling s2s connections, but that's not ideal).

e) Have a public shame list of servers where the admins don't do
anything about spam, and use that to degrade their experience in the
federated Jabber network. Maybe they don't care now, but they will
notice if their users complain - or migrate to other servers.


Second, we need to improve our clients:

a) Reduce the "noise" created by non-roster messages and presence
subscription requests.

b) Implement an account-level challenge-response mechanism for first
contact. It can be a forms-based CAPTCHA or something like this:

- Juliet sends a presence subscription to Romeo
- Romeo's server sends Juliet a pre-defined "security question" message
  like "Whom did I slay in a duel last week?"
- If Juliet knows the answer or can obtain it OOB, she responds to the
  message with "tybalt", and Romeo's server forwards the queued presence
  subscription request to Romeo's client(s).

Romeo would have to define the question and valid answer(s) in advance,
and it shouldn't be too hard to get that info for an interested person,
but impossible to automate.

Obviously, that mechanism will only be activated if Romeo didn't send
anything to Juliet yet, and would be skipped with pre-authenticated
contact means like PARS (XEP-0379).

I am aware that this will make first contact more complicated, but so
far it's the only mechanism that I can see that works with adversarial
servers and doesn't break the XMPP experience in non-obvious ways (the
initiator can clearly see what happened and why, instead of getting
ignored silently / their server being blackholed).

c) Implement spam reporting (XEP-0377) - that only makes sense if there
is some action mechanism behind it, so that the reports don't just vanish
in the server logs.

Georg


_______________________________________________
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
_______________________________________________
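The server-side "security question" gate from Georg's mail, as an added example that is not from the mail, from Prosody or from yax.im: a minimal Python model of Romeo's server queuing a first-contact subscription, challenging the initiator, and releasing the request on a correct answer. The JIDs, the stanza strings, the attempt limit and the token-based stand-in for PARS pre-authentication are assumptions made for the example.

```python
from dataclasses import dataclass, field
from hmac import compare_digest
from typing import Dict, List, Optional, Set

@dataclass
class Challenge:
    question: str
    answers: Set[str]          # valid answers, stored normalised (see normalise)
    max_attempts: int = 3      # wrong answers tolerated before the queued request is dropped (assumed)

def normalise(answer: str) -> str:
    return " ".join(answer.split()).casefold()   # "  Tybalt " matches "tybalt"

@dataclass
class SubscriptionGate:
    """Romeo's server-side gate: queues first-contact subscribe requests behind a question."""
    challenge: Challenge
    contacted: Set[str] = field(default_factory=set)    # JIDs Romeo already sent something to
    preauth: Set[str] = field(default_factory=set)      # PARS-style tokens Romeo handed out OOB (assumed)
    pending: Dict[str, str] = field(default_factory=dict)   # sender JID -> queued stanza
    attempts: Dict[str, int] = field(default_factory=dict)  # sender JID -> wrong answers so far
    delivered: List[str] = field(default_factory=list)  # stanzas forwarded to Romeo's clients
    outbox: List[str] = field(default_factory=list)     # stanzas sent back to the initiator

    def on_outgoing(self, recipient: str) -> None:
        self.contacted.add(recipient)       # Romeo wrote first: that JID never sees the question

    def on_subscribe(self, sender: str, token: Optional[str] = None) -> str:
        stanza = f"<presence from='{sender}' type='subscribe'/>"
        if sender in self.contacted or (token is not None and token in self.preauth):
            self.delivered.append(stanza)   # prior contact or pre-authenticated: skip the challenge
            return "forwarded"
        self.pending[sender] = stanza       # hold the request; Romeo's clients see nothing yet
        self.outbox.append(f"<message to='{sender}'><body>{self.challenge.question}</body></message>")
        return "challenged"

    def on_message(self, sender: str, body: str) -> str:
        if sender not in self.pending:
            return "ignored"                # stranger with no queued request: plain non-roster noise
        guess = normalise(body).encode()
        if any(compare_digest(guess, a.encode()) for a in self.challenge.answers):
            self.attempts.pop(sender, None)
            self.delivered.append(self.pending.pop(sender))  # release the queued subscribe
            return "forwarded"
        self.attempts[sender] = self.attempts.get(sender, 0) + 1
        if self.attempts[sender] >= self.challenge.max_attempts:
            del self.pending[sender], self.attempts[sender]  # too many guesses: initiator must re-subscribe
            return "dropped"
        return "rejected"                   # still queued; the initiator can obtain the answer OOB and retry
```

A real deployment would persist the pending queue and attach the same per-sender attempt counter to the per-IP throttles mentioned earlier in the mail.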