[Operators] spam

Kim Alvefur zash at zash.se
Sat Nov 19 13:18:44 UTC 2016

On 2016-11-19 14:05, Matthew Wild wrote:
> On 19 November 2016 at 12:52, David Banes <david at banes.org> wrote:
>> How about following the very large email providers lead and do something like this;
>> https://en.wikipedia.org/wiki/DMARC
>> https://dmarc.org/2016/02/how-can-i-tell-who-is-using-dmarc/
> DMARC prevents spoofing (e.g. spammers sending email from random
> places, but appearing like it came from legitimate servers). Email
> trivially allows this by default. XMPP does not have the same problem,
> and spoofing is not possible, and is not happening in these spam
> messages.

DMARC doesn't do that by itself, but by having means to say "I enforce
DKIM signing on x percentage of my outgoing email" and / or "I have
SPF".  XMPP doesn't really need that part.

But it also has a way to ask for reports to be sent to a specified
address.  Reports covering how many messages did or did not match rules
etc.  This part could be of interest.  It might have some overlap with
XEP 0268.

Kim "Zash" Alvefur

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20161119/663335e9/attachment.sig>

More information about the Operators mailing list