[Standards] RFC vs privacy lists
asterix at lagaule.org
Wed Apr 27 19:19:36 UTC 2011
On 04/27/2011 09:04 PM, Kim Alvefur wrote:
>> Let's say I configure a list to block all IQ for jid with
>> subscription=none (nice anti-spam rule).
>> Now I don't get any iq answer to, let's say, disco#info on my server.
>> That's normal because RFC  says that "Privacy lists MUST be the first
>> delivery rule applied by a server, superseding ..."
>> But RFC also says that every IQ MUST have an answer...
> It would make more sense to only block/apply lists to<iq type=get|set /> or at least have different rules for get|set and result|error
If a user setup this rule it's because he doesn't want spam. And if
server don't block result|error, user can be spammed of iq result for ex
A solution could be to have a sort of firewall in the server: if I send
an iq get|set with id=XXX, server will allow the result with the same
ID, but I don't know if it's really doable for servers ...
More information about the Standards