[Standards-JIG] more SPIM JEPs

Tijl Houtbeckers thoutbeckers at splendo.com
Thu Sep 29 04:54:47 CDT 2005


On Thu, 29 Sep 2005 11:40:38 +0200, Ian Paterson  
<ian.paterson at clientside.co.uk> wrote:

> It is a shame that SPIMers have earnt so much money from SPAM. They now
> have significant financial and technical resources in place. It is much
> harder to build protocols and policies that will act as a real deterent
> to such well resourced organisations.
>
> IMHO the SPIM issue is fundamental to the long-term success of XMPP (as
> the miserable death of email is currently proving). It is important to
> have as much of our defenses in place from the start. We really don't
> want to be playing catch-up.
>
> We've already started on SPIM Reporting, JEP-0158 and JEP-0159. Do
> people have ideas for any other JEPs we should be working on? (Should
> we, for example, advance the 'Suspected-SPIM Marking' proto-JEP Nolan
> mentioned?)

As I mentioned way in the beginning of this discussion, I think there  
should be a way for servers to make an assesment of stanzas, as to the  
propabilities wether they are spim or not. I think the key to effective,  
and for the (receiving) user non-invasive, combatting of SPIM, the  
cooperation between the client and the server is essantial. As explained  
with the many use cases earlier in the discussion, clients can often have  
much better ways of discovering earlier trust relationship between itself  
and the sender. I was actually working on a JEP for this, but lack of time  
stopped me from finishing it, and I think it should be integrated with  
SPIM reporting.

Next I would like to see a JEP that describes the various tricks that  
servers and clients can do to avoid false reporting of SPIM to the user,  
some of which have also been mentioned earlier in the discussion.



More information about the Standards-JIG mailing list