[Standards-JIG] SPAM Filtering JEP

Thomas Barker thomas at thomasbarker.com
Wed Apr 14 10:14:01 UTC 2004


Hi!  Might as well de-lurk now.

I'm Thomas, a CS student in England, who's working on a Friend-Of-Friend
type protocol for XMPP for my dissertation.

I think your both right, and I agree that Jabber spam is easier to trace
than email.  But I think the biggest problem with spam is likely to come
from spam zombies.  When Jabber becomes popular, it will have many thousands
of clients running on insecure machines.

That's going to be hard to stop because of message volume that legitimate
jabber accounts can have.  A small business might have a Jabber account that
sends out payment notifications, etc.  It wouldn't be hard to sneak out spam
with all of that traffic.

Having a Baysian filter that tagged spam might be quite useful as a check on
rogue or zombie clients.  Each message could be run through a set of
filters, the filters would append a spam flag.

Something like ...
< spam namespace="jabber:x:spam:flag" probability=0.5 / >

The number of flagged messages for each account could be added-up.  The
admins could then deal with potential problem accounts.  The RBL could act
as a check on servers where the admins had failed to deal with clients
sending spam.

Server blacklisting can't work on its own if we have clients going bad.
Some public server have thousands of legitimate accounts, and it would be a
very blunt instrument to just blacklist the whole server.

Thomas


----- Original Message -----
>From: "Richard Dobson" <richard at dobson-i.net>
To: "Jabber protocol discussion list" <standards-jig at jabber.org>
Sent: Wednesday, April 14, 2004 11:02 AM
Subject: Re: [Standards-JIG] SPAM Filtering JEP


> This might be useful, but there are other steps which can be taken that
will
> fight any possible Jabber SPAM IMO more effectively, since in jabber it is
> very hard to forge a message from address you can be pretty sure a message
> is from who it says it is, also to discourage people from spamming from
> their jabber servers it might well be worth setting up RBL servers like
> there are in email that allow jabber servers to look up when accepting S2S
> connections if a particular domain is listed in the RBL and if it is deny
> the connection and firewall that IP if necessary.
>
> IMO a scheme such as this will probably be the most effective tool against
> SPAM although it cant completely stop it, but it does create an economic
> disincentive of spammers having to keep buying new domain names when they
> get blacklisted, then setting up their jabber servers with that new domain
> name, and also having to change IP address etc etc.
>
> Also another simple anti spam protection clients can implement is blocking
> messages from people not in their roster.
>
> Richard
>
> ----- Original Message -----
> From: "Mark Derricutt" <mark at talios.com>
> To: <standards-jig at jabber.org>
> Sent: Wednesday, April 14, 2004 9:56 AM
> Subject: [Standards-JIG] SPAM Filtering JEP
>
>
> > 'lo all, this is just a short note to intro myself and mention a JEP
> > proposal I'm starting ( hopefully I'll have something fleshed out enough
> to
> > post to the list as an early early draft soon ).
> >
> > Anyway, who am I?  I'm Mark Derricutt, 29, developer/coder geek living
in
> > Auckland New Zealand, currently doing Java based SMS messaging systems,
> and
> > advocating Jabber as much as can whereever I go.
> >
> > So whats the JEP I'm formulating in my head?  SPAM / SPAM Filtering.
> >
> > I've not seen spam much on Jabber myself, but had ALOT of it on ICQ
years
> > ago, and recently a series of articles have been published talking on
the
> > rise of IM based spam, which got me thinking...
> >
> > So far I'm touching any XML messaging details such as <x> element here
or
> > there untill I've got a more clearer idea of what I actually think
should
> > be doable.
> >
> > The basics so far for a first step:
> >
> >   - a standard way for a client to be told that an IM may be spam
> >   - a standard way for a client to tell a server that an IM was/was not
> spam
> >
> > Is there an interest in this JEP out there?
> >
> > Mark
>
> _______________________________________________
> Standards-JIG mailing list
> Standards-JIG at jabber.org
> https://jabberstudio.org/mailman/listinfo/standards-jig





More information about the Standards mailing list