[Operators] Spam Problem And Its Simple Solution
a at creep.im
Fri Dec 2 20:05:36 UTC 2016
Well, there is no working server-side solution forXMPP as of now, and
today was a first day I used the "doomed to fail" client-side solution:
a simple yet effective CAPTCHA-plugin for Gajim. Today was a first day
for a long time I haven't received a single spam message. Even
Conversations today haven't produced a single spam notification, since
Gajim worked all day with a higher resource value and effectively
filtered all messages.
Client-side filtering simply works.
Lots and lots of people are talking about the innovative counter-spam
techhiques, greylisting and complex reputation systems for example, but
I can't understand clearly how anything server-side can work without
disrupting the openness of the XMPP. In XMPP world, you can register an
account and start communicate with people, using just a client
application. You can even route traffic through Tor, if anonymity
matters. The account can be set up in a matter of minutes, and if you
know exactly how it is done, you can do it in less than one minute.
Spammers also did like this simplicity. The registration captcha is
easy, and the process of creating accounts can be automated. If it is
required, spammers can create a separate unique account for sending just
a single spam message for a distinct user. Technically this is very much
doable, and doesn't require any serious expertise.
And if there will be systems deployed on XMPP servers, which will
analyze account reputation or any other user patterns, what can they do
for newly created accounts without any prior activity and history? For
such accounts, spammers' or regular users', there will be absolutely no
information available. How anything can be determined about those
without reading the messages? Should we treat them as spammers by default?
On 12/02/2016 01:04 PM, Tomasz Sterna wrote:
> Any solution that puts the burden of fighting SMAP on the users and
> keeps the SPAM sending cost at zero is doomed to fail.
More information about the Operators