[Operators] Annoying spam

Simon Josefsson simon at josefsson.org
Wed Nov 11 09:03:27 UTC 2015


Matthew Wild <mwild1 at gmail.com> writes:

>> Stepping back a bit, why is it even possible to send messages to
>> arbitrary people without prior authorization?  I naïvely thought that
>> the anti-spam property in XMPP was based on having to authorize a
>> presence subscription for other people before they can send me a
>> messages.  Wouldn't that work?  Yes, of course, spammers can spam me
>> with request to add them, but that is a low-signal channel and I'm not
>> likely to accept by random, and if I accidentally do I can remove them
>> later on.  At least then I don't get 25 lines of spam garbage displayed
>> on my cell phone.
>
> This is a policy, not protocol, issue. I think probably most servers
> can be configured to block messages from JIDs not on your roster. E.g.
> in Prosody by loading the mod_block_strangers module.
>
> I've a XEP in my to-write queue (if no-one beats me to it) to define a
> way to allow the client the ability to control this policy per-account
> however (stemming from the discussion about deprecating the old
> privacy lists protocol).

This seems like a good idea, and if implemented by clients and servers
would make it easy for me to enable this.  Having a switch add
complexity though, and if we anticipate more spam, it appears that the
only reasonable setting for this would be to reject messages from JIDs
not on your roster.  In that case, we'd might as well suggest that this
should be the default behaviour of servers.

/Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 472 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/operators/attachments/20151111/5be3a943/attachment.sig>


More information about the Operators mailing list