[Operators] server reputation

Peter Saint-Andre stpeter at stpeter.im
Fri Apr 18 14:27:05 CDT 2008


Jesse Thompson wrote:
> Pedro Melo wrote:
>> Hi,
>>
>> On Apr 17, 2008, at 8:16 PM, Peter Saint-Andre wrote:
>>
>>> Last year I posted a blog entry about server reputation:
>>>
>>> https://stpeter.im/?p=1988
>>>
>>> I think it would be helpful for this group to define some parameters for
>>> measuring server reputation.
>>>
>>> I'm not yet sure how we would use this information. I don't like the
>>> idea of a centralized reputation service since that provides a single
>>> point of failure for attacks against the network. At the last XMPP
>>> Summit in Brussels, we talked a bit about the idea of a server buddy
>>> list -- i.e., your server has a list of trusted other servers that it
>>> consults. So at jabber.org we might ask amessage.de and sapo.pt (or
>>> whatever) about new servers on the network.
>>>
>>> If we do this in an automated fashion, it requires better tracking and
>>> monitoring in existing XMPP server codebases.
>>>
>>> We could also do this in a more human-intensive way, e.g. a voting site
>>> (or sites) where admins can vote +1 or -1 on various domains.
>>>
>>> Thoughts?
>>
>> My problem with the whole server reputation thing is I don't see the
>> next step.
>>
>> Suppose that we get a reasonable system for measuring server
>> reputation. What then? Are you going to start blocking s2s based on
>> reputation, or have different shaping rules? Do future XEPs for
>> certain protocols (like pubsub proxying for example) take into account a
>> "trust level"?
>>
>> Without knowing what the goals are, what the usage of this database will
>> be, I don't see how we can design it.
> 
> The problem is that spammers will just create phony gmail or jabber.org
> accounts to use for spamming.  There's no way to justify blocking *all*
> s2s from gmail or jabber.org, so those spammers will have free rein.

There is no magic bullet. Server reputation would be one factor to take
into account.

For instance, if a spammer account at foo.com starts sending abusive
traffic to bar.com and bar.com reports the abuse to foo.com but foo.com
doesn't do anything about it, then bar.com might mod foo.com down in its
internal reputation system (which it might share with other servers that
trust it). I'm not saying bar.com would shut down s2s with foo.com.

> Server reputation still might be a good idea if the spammers choose to
> connect directly to send the spam.  However you won't get much buy-in
> until there is a problem that needs solving.

We have abuse problems now.

> In the email world, public whitelists aren't all that popular.
> Blacklists are.  A server is in effect whitelisted if it isn't on any
> blacklist.  I would suggest blacklisting as a first step.

Blacklists help if you don't have strong identity. Whitelists help if
you have strong identity. We have semi-strong identity with dialback.
Email is starting down the same road with DKIM and SPF.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/
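
The internal reputation idea discussed in this thread (mod a domain down when abuse reports go unanswered, and share scores with servers that trust you), sketched as an added example that is not part of the original post or of any XMPP server's code. The class and method names, the buddy weights, the +/-10 clamp and the rule that a buddy cannot score itself are all assumptions.

```python
from __future__ import annotations
from dataclasses import dataclass, field

CLAMP = 10  # assumed bound so one buddy's extreme score cannot dominate


@dataclass
class ReputationStore:
    """Reputation kept by one server (e.g. bar.com) about its s2s peers."""
    buddies: dict[str, float]                      # trusted server -> weight (assumed 0..1)
    local: dict[str, int] = field(default_factory=dict)         # our own scores
    open_reports: dict[str, int] = field(default_factory=dict)  # unanswered abuse reports
    shared: dict[str, dict[str, int]] = field(default_factory=dict)  # buddy -> its scores

    def report_abuse(self, domain: str) -> None:
        """We reported abusive traffic to `domain` and are waiting for action."""
        self.open_reports[domain] = self.open_reports.get(domain, 0) + 1

    def report_handled(self, domain: str) -> None:
        """`domain` acted on one of our reports."""
        if self.open_reports.get(domain, 0) > 0:
            self.open_reports[domain] -= 1

    def expire_reports(self, domain: str) -> int:
        """Response deadline passed: each ignored report mods the domain down by 1."""
        ignored = self.open_reports.pop(domain, 0)
        self.local[domain] = self.local.get(domain, 0) - ignored
        return self.local[domain]

    def receive_shared(self, buddy: str, scores: dict[str, int]) -> bool:
        """Accept shared scores only from servers on our buddy list."""
        if buddy not in self.buddies:
            return False
        self.shared[buddy] = {
            d: max(-CLAMP, min(CLAMP, s))
            for d, s in scores.items()
            if d != buddy  # a server does not get to vouch for itself
        }
        return True

    def score(self, domain: str) -> float:
        """Combined score: one input to policy, not a block/allow decision."""
        total = float(self.local.get(domain, 0))
        for buddy, scores in self.shared.items():
            total += self.buddies[buddy] * scores.get(domain, 0)
        return total
```

The returned score is meant to feed rate limits or operator review alongside other signals, matching the thread's point that reputation is one factor and not grounds on its own for shutting down s2s.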
