[Standards-JIG] SPAM Filtering JEP
richard at dobson-i.net
Wed Apr 14 10:02:21 UTC 2004
This might be useful, but there are other steps which can be taken that will
fight any possible Jabber SPAM IMO more effectively, since in jabber it is
very hard to forge a message from address you can be pretty sure a message
is from who it says it is, also to discourage people from spamming from
their jabber servers it might well be worth setting up RBL servers like
there are in email that allow jabber servers to look up when accepting S2S
connections if a particular domain is listed in the RBL and if it is deny
the connection and firewall that IP if necessary.
IMO a scheme such as this will probably be the most effective tool against
SPAM although it cant completely stop it, but it does create an economic
disincentive of spammers having to keep buying new domain names when they
get blacklisted, then setting up their jabber servers with that new domain
name, and also having to change IP address etc etc.
Also another simple anti spam protection clients can implement is blocking
messages from people not in their roster.
----- Original Message -----
>From: "Mark Derricutt" <mark at talios.com>
To: <standards-jig at jabber.org>
Sent: Wednesday, April 14, 2004 9:56 AM
Subject: [Standards-JIG] SPAM Filtering JEP
> 'lo all, this is just a short note to intro myself and mention a JEP
> proposal I'm starting ( hopefully I'll have something fleshed out enough
> post to the list as an early early draft soon ).
> Anyway, who am I? I'm Mark Derricutt, 29, developer/coder geek living in
> Auckland New Zealand, currently doing Java based SMS messaging systems,
> advocating Jabber as much as can whereever I go.
> So whats the JEP I'm formulating in my head? SPAM / SPAM Filtering.
> I've not seen spam much on Jabber myself, but had ALOT of it on ICQ years
> ago, and recently a series of articles have been published talking on the
> rise of IM based spam, which got me thinking...
> So far I'm touching any XML messaging details such as <x> element here or
> there untill I've got a more clearer idea of what I actually think should
> be doable.
> The basics so far for a first step:
> - a standard way for a client to be told that an IM may be spam
> - a standard way for a client to tell a server that an IM was/was not
> Is there an interest in this JEP out there?
More information about the Standards