[Operators] server reputation
Jesse Thompson
jesse.thompson at doit.wisc.edu
Fri Apr 18 13:55:24 CDT 2008
Pedro Melo wrote:
> Hi,
>
> On Apr 17, 2008, at 8:16 PM, Peter Saint-Andre wrote:
>
>> Last year I posted a blog entry about server reputation:
>>
>> https://stpeter.im/?p=1988
>>
>> I think it would be helpful for this group to define some parameters for
>> measuring server reputation.
>>
>> I'm not yet sure how we would use this information. I don't like the
>> idea of a centralized reputation service since that provides a single
>> point of failure for attacks against the network. At the last XMPP
>> Summit in Brussels, we talked a bit about the idea of a server buddy
>> list -- i.e., your server has a list of trusted other servers that it
>> consults. So at jabber.org we might ask amessage.de and sapo.pt (or
>> whatever) about new servers on the network.
>>
>> If we do this in an automated fashion, it requires better tracking and
>> monitoring in existing XMPP server codebases.
>>
>> We could also do this in a more human-intensive way, e.g. a voting site
>> (or sites) where admins can vote +1 or -1 on various domains.
>>
>> Thoughts?
>
> My problem with the whole server reputation thing is I don't see the
> next step.
>
> Suppose that we get a reasonable system for measuring server reputation.
> What then? Are you going to start blocking s2s based on reputation, or
> have different shaping rules? Do future XEPs for certain protocols (like
> pubsub proxying for example) take into account a "trust level"?
>
> Without knowing what the goals are, what the usage of this database will
> be, I don't see how we can design it.

The problem is that spammers will just create phony gmail or jabber.org
accounts to use for spamming. There's no way to justify blocking *all*
s2s from gmail or jabber.org, so those spammers will have free rein.

Server reputation still might be a good idea if the spammers choose to
connect directly to send the spam. However, you won't get much buy-in
until there is a problem that needs solving.

In the email world, public whitelists aren't all that popular.
Blacklists are. A server is in effect whitelisted if it isn't on any
blacklist. I would suggest blacklisting as a first step.

Jesse