On 13.01.2017 20:36, Kim Alvefur wrote: > Hey, > > First, I think we're better off if we think of blocking strangers by > default as a privacy protection measure, instead of a SPAM prevention > measure.
Exactly, as far as I see it, there are three scenarios: * SPAM - An entity sends you messages in order to sell you something * Privacy - An entity sends you unwanted messages (harassment, stalking, …) - An entity receives sensitive data from you (usually presence) * Attack - A malicious entity is able to make you consume resources (battery, data volume, …) I strongly agree with Kim that blocking should be seen as primary measure for privacy protection, not SPAM prevention. That said, I do believe that the three scenarios need to interact with each other by using common protocol mechanisms. I think it's possible to deal with message SPAM without restricting the sender by their presence subscription status of the receiver. I do not want to live in a world where users have to be subscribed to my presence in order to send me messages. After all, XMPP is a communications protocol, and that approach limits communication. I really wonder why this does come up once in a while. Presence SPAM is a hard problem right now. I don't found a good solution yet. It only become clear to me that users receiving presence subscription requests should be presented with a third option in the UI, besides 'accept' and 'reject', there should also be "ignore, report and block spammer". Maybe presence pre-approving could be helpful here. - Florian
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
