[Standards] s2s blocking of abusive users

Peter Saint-Andre stpeter at stpeter.im
Fri Nov 9 20:42:37 UTC 2007

Tomasz Sterna wrote:
> On 08-11-2007, Thu at 13:15 -0700, Peter Saint-Andre wrote:
>> [..] Unfortunately we did not
>> have a way to ask the sending domain to shut off traffic for just those
>> accounts, so we were forced to temporarily shut down all s2s traffic
>> between jabber.org and the sending domain.
> This is how things always worked well.
> If one sends too much, you just stop reading and let the lower layers
> take care of throttling.
>> It seems to me that it would
>> be good to have an XMPP extension that enables a receiving domain to
>> request that the sending domain shut down s2s traffic on a per-account
>> basis.
> Isn't that throwing responsibility on the victim?
> It should be the aggressor that takes the consequences of the action
> (finding out the abuser).

Right. I agree that the sending domain is a victim. But it may not even
know that the receiving domain is a victim (because the sending domain
admins are not paying close attention or whatever). So at least the
receiving domain should have a way to inform the sending domain that
there is a problem.

That raises the more general issue of better real-time reporting on the
operation of your IM service, but that's not a protocol issue so it's
off-topic here.

> What I'm afraid of, is if we encourage taking care of abuse at the
> passive (receiving) side, that cannot take real action on the abuse, the
> active (sending) side won't ever implement an efficient way of preventing
> abuses, relying on the reports from victims. (Similar to what is
> happening in the SMTP realm with SPAM)
> - "Oh, this user is abusing you? I'll disable his account."
>   "And this one now? I'm disabling it now."
> instead of proactive:
> - "My users are abusing you and you throttled me? Oh! I will find out
> the responsible ones. And will take actions to not let it happen again,
> cause this is hitting all my innocent users."

Hmm. By "throttled me" do you mean "shut down s2s entirely" or "rate
limited s2s"? I agree that proactive is better. So are you suggesting
that how the jabber.org admins handled this last time was OK and that we
don't need better mechanisms for reporting abuse?

One thing that would help is better communication among the admins who
run XMPP IM services. Like a real community of admins who have to deal
with the day-to-day issues of running the code you write based on the
specs I define. :) And the funny thing is, I'm one of those admins, so I
do feel the pain at the end of the chain even though I don't write any
code. But again that's off-topic here -- I'll pursue that somewhere else...


Peter Saint-Andre
