[Operators] addressing the spam problem

Dave Cridland dave at cridland.net
Wed Jan 13 08:38:58 UTC 2016

On 13 January 2016 at 02:23, Kim Alvefur <zash at zash.se> wrote:

> On 01/12/2016 06:55 PM, Peter Saint-Andre wrote:
> > Over the years we have discussed a number of potential methods for
> > mitigating (I do not say solving) the spam problem. For example:
> >
> > http://xmpp.org/extensions/xep-0159.html
> > http://xmpp.org/extensions/xep-0268.html
> > http://xmpp.org/extensions/xep-0275.html
> >
> > I suggest that we work on this problem more actively and start
> > experimenting with solutions.
> >
> > What do people on this list think?
> One think I think is missing is a way for client to easily report spam
> and other abuse.  IODEF being for communication between service
> administrators might be a bit heavy if you just want to say "I got spam
> from foo1234 at example.com".
If you think IODEF is heavy, wait until you see STIX.

But there are two issues here - first getting incident data ("I am being
spammed!"), which means attack data can be aggregated across the network
(so a server hosting only a handful of users can still benefit from the
statistical analysis that benefits the huge services). IODEF might work
here; it might even be too heavy. The person to ask is probably Alexey
Melnikov; I don't know if he's on this list.

The second is sharing attack intelligence - turning raw incident data
through analysis into a bigger picture, so that information such as "when a
bare jid receives two normal messages followed by one chat, this is almost
certainly a spam" can be shared. This is where STIX comes in - as well as a
lot of active discussion involving real people.

> With that in place, we'll be able to collect data that would feed into
> automated blocking, IODEF reports and reputation.

Is this worth discussing at the Summit?

> --
> Kim "Zash" Alvefur
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/operators/attachments/20160113/84d55da3/attachment.html>

More information about the Operators mailing list