[Operators] How-to fight with SPAM accounts
Jesse Thompson
jesse.thompson at doit.wisc.edu
Wed Nov 25 12:53:41 CST 2009
Peter Saint-Andre wrote:
>> I think that the key for the 'right/best' anti-SPAM XMPP solution is to
>> involve regular/polite XMPP users in any way.
>
> I have my doubts that normal users will bother to flag messages as spam.
> However, given that I have only ever received a few spam messages over
> XMPP (and even those I wasn't 100% sure about), perhaps it would not be
> such a huge burden.
I like the idea of account level reputation. The current, most
troublesome, battlefront on the war against email spam is dealing
spammer-created freemail accounts, and with phished account credentials
on closed systems.
You could apply an account-level reputation system at the server as well
as the client.
An XMPP operator could set up the server to block domains whose
trustworthy account ratio is below their tolerance level. This would
effectively block domains that have only spammers. But it would not
block domains like jabber.org or gmail that are trustworthy but have
spammers signing up for free accounts.
For spamming accounts in trustworthy domains, the server operator could
set it up to block accounts that meet a certain untrustworthiness
threshold. Or, the users could do it at the client level.
The key is to figure out how to collect and expose the data in a private
way.
Jesse
--
Jesse Thompson
Division of Information Technology, University of Wisconsin-Madison
Email/IM: jesse.thompson at doit.wisc.edu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3317 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20091125/8c8412ad/attachment.bin>
More information about the Operators
mailing list