[Operators] spam

Kim Alvefur zash at zash.se
Sat Nov 19 13:18:44 UTC 2016


On 2016-11-19 14:05, Matthew Wild wrote:
> On 19 November 2016 at 12:52, David Banes <david at banes.org> wrote:
>> How about following the very large email providers lead and do something like this;
>>
>> https://en.wikipedia.org/wiki/DMARC
>> https://dmarc.org/2016/02/how-can-i-tell-who-is-using-dmarc/
> 
> DMARC prevents spoofing (e.g. spammers sending email from random
> places, but appearing like it came from legitimate servers). Email
> trivially allows this by default. XMPP does not have the same problem,
> and spoofing is not possible, and is not happening in these spam
> messages.

DMARC doesn't do that by itself, but by having means to say "I enforce
DKIM signing on x percentage of my outgoing email" and / or "I have
SPF".  XMPP doesn't really need that part.

But it also has a way to ask for reports to be sent to a specified
address.  Reports covering how many messages did or did not match rules
etc.  This part could be of interest.  It might have some overlap with
XEP 0268.

-- 
Regards,
Kim "Zash" Alvefur

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20161119/663335e9/attachment.sig>


More information about the Operators mailing list