Peter Saint-Andre wrote:
I think that the key for the 'right/best' anti-SPAM XMPP solution is to involve regular/polite XMPP users in any way.I have my doubts that normal users will bother to flag messages as spam. However, given that I have only ever received a few spam messages over XMPP (and even those I wasn't 100% sure about), perhaps it would not be such a huge burden.
I like the idea of account level reputation. The current, most troublesome, battlefront on the war against email spam is dealing spammer-created freemail accounts, and with phished account credentials on closed systems.
You could apply an account-level reputation system at the server as well as the client.
An XMPP operator could set up the server to block domains whose trustworthy account ratio is below their tolerance level. This would effectively block domains that have only spammers. But it would not block domains like jabber.org or gmail that are trustworthy but have spammers signing up for free accounts.
For spamming accounts in trustworthy domains, the server operator could set it up to block accounts that meet a certain untrustworthiness threshold. Or, the users could do it at the client level.
The key is to figure out how to collect and expose the data in a private way.
Jesse -- Jesse Thompson Division of Information Technology, University of Wisconsin-Madison Email/IM: [email protected]
smime.p7s
Description: S/MIME Cryptographic Signature
