Hi Daniel, On Mon, 6 Mar 2023 at 17:17, Daniel Poelzleithner <[email protected]> wrote: > I was a long time xmpp user, but spam in the recent years drove me away, > which is kind of sad.
Yes, it is. Come back! :) The reality is that most people on XMPP actually don't experience spam. However, once you get your JID picked up and added to one or more spam lists, unfortunately, yes, you can receive overwhelming amounts if you don't do anything to stop it. With that said, I personally received a lot several years ago and I hardly receive any now. A lot of work has been done on multiple fronts to tackle spam on the network at both the sources and destinations. You can read about some of it here: https://blog.prosody.im/simple-anti-spam-tips/ - particularly the JabberSPAM project and associated resources linked from that post has been quite useful. Many public servers employ filters now, and the amount of spam getting through those is between negligible and zero. Another place to tackle spam is at the source. Many unmaintained servers with open registration, basically open relays, have been shut down thanks to the project's efforts. The majority of remaining spam now comes from a minority of servers where the admins don't care and do not cooperate with spam-fighting efforts. Those servers end up on the blocklist published by the project, and most servers will automatically block unsolicited communication from those servers. > Some time ago, I had following idea how to effectively fight spam. I cannot read this statement now without being immediately reminded of an old joke response to email spam solutions: https://craphound.com/spamsolutions.txt :) > * Each account can upload a set of webassembly blobs > * There is a list of hooks, the user can assign WA functions to events: > - message > - message from unknown jid > - subscription event > - ... > > The message is first routed through the webassembly function which can > either do something with the message, drop it or accept it, reply a > challenge,.... Who builds the webassembly blobs? Users? From what? My guess is that you're probably (like pretty much everyone else here) more comfortable than the average person with technical solutions like this, and you want a bit more (well, a lot more) control about the filtering happening before your server accepts messages to your account. My proposal is to host your own server and play with Prosody's mod_firewall to achieve this level of control. If you want to use a public server, just convince your admin to set it up instead (send them the blog post I linked above). That has the benefit of helping everyone else on the server, without them needing to do anything themselves. There are some simple example rulesets that ship with the module, and there are more advanced ones floating around the community if you ask (many of these are private by necessity). In summary, while I think your proposed solution could be implemented with some effort (the protocol and API work required is non-trivial) and then potentially see some deployment down the road, I think there are simpler ready-made solutions available today that are just as effective. As a server developer, I'd rather push for deployment of what we have, and other simple things we haven't even started on, before starting work on design and implementation of complex protocol extensions. Just my thoughts! Regards, Matthew PS. I think your proposed implementation would find applications beyond spam too, it would be interesting to play with something like you describe in general - I can imagine whole bots being implemented and uploaded to servers this way :) _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
