[JDEV] Jabber and spam?
Justin Karneges
justin-jdev at affinix.com
Sat Jun 21 06:40:03 CDT 2003
With dialback, this may not be an issue.
Consider that it is not cost-effective for spammers to use a legit return
address (bounces, complaints, tracking). This is part of the reasoning
behind challenge-response whitelist email filters. There is a FAQ about such
systems that asks: "What if the spammers respond to the challenge?" Answer:
"They won't, because they will never use a legit address!"
Of course, the weakness with these whitelist systems is that a spammer could
spoof the address of someone in your whitelist. This is not possible with
Jabber, as there is no whitelist. Every s2s connection is authenticated.
-Justin
On Saturday 21 June 2003 04:08 am, Bart van Bragt wrote:
> I was adjusting my email spam filters, again, and that started me
> wondering about Jabber and spam.
>
> IMO there are not many provisions to prevent spam from being
> sent/received in the jabber protocol. The only thing you can do is:
> - block everything from anyone not in your roster except auth requests
> - blacklist specific servers (very temporary solution)
> - Filter on certain words/patterns (brrrrr, no a very clean solution)
>
> I don't know of any clients/servers that implement the first 'solution'.
> Has this been though about? Any idea how spam can be prevented or at
> least reduced?
More information about the JDev
mailing list