[Standards] s2s blocking of abusive users

Tomasz Sterna tomek at xiaoka.com
Fri Nov 9 09:23:11 UTC 2007


Dnia 08-11-2007, Cz o godzinie 13:15 -0700, Peter Saint-Andre pisze:
> [..] Unfortunately we did not
> have a way to ask the sending domain to shut off traffic for just those
> accounts, so we were forced to temporarily shut down all s2s traffic
> between jabber.org and the sending domain.

This is how things always worked well.
If one sends too much, you just stop reading and let the lower layers
take care of throttling.


> It seems to me that it would
> be good to have an XMPP extension that enables a receiving domain to
> request that the sending domain shut down s2s traffic on a per-account
> basis.

Isn't that throwing responsibility on the victim?
It should be the aggressor, that takes consequences of the action
(finding out the abuser).

What I'm afraid of, is if we encourage taking care of abuse at the
passive (receiving) side, that cannot take real action on the abuse, the
active (sending) side won't ever implement efficient way of preventing
abuses, relying on the reports from victims. (Similar to what is
happening in the SMTP realm with SPAM)

- "Oh, this user is abusing you? I'll disable his account."
  "And this one now? I'm disabling it now."

instead of proactive:
- "My users are abusing you and you throttled me? Oh! I will find out
the responsible ones. And will take actions to not let it happen again,
cause this is hitting all my innocent users."


-- 
  /\_./o__ Tomasz Sterna
 (/^/(_^^'  Xiaoka.com
._.(_.)_  XMPP: smoku at xiaoka.com




More information about the Standards mailing list