[Pkg-xmpp-devel] DebConf - talk scheduled: Debian & XMPP: packaging and infrastructure

Matthew Wild mwild1 at gmail.com
Mon Jul 23 09:49:05 BST 2018

On 19 July 2018 at 18:43, W. Martin Borgert <debacle at debian.org> wrote:
> Quoting Petter Reinholdtsen <pere at hungry.com>:
>> Perhaps the state of spam protection is a topic to address?
> Yes, definetely. Just to spoil everyones eagerness:
> There is no firewall in place yet, but at least vogler.d.o already
> runs stretch with the stable backports of prosody and prosody-modules,
> so we *could* have a firewall. So far, nobody found the time to do the
> next step, AFAIK.
> My own experience is, that spam (or "spim") is not as big a problem
> as it was one year ago. No idea, why. The few spam that I get, is
> "invitation spam" (= contact requests). Unfortunately, prosody
> firewalls cannot handle this, if I'm not mistaken.

Prosody's mod_firewall has the capability to filter/block anything.
The tricky part (as with all spam) is identifying what should be
blocked and what should not. There is very little information
contained in a subscription request (unlike a message, which may
contain spam URLs, etc.).

The current "best" approach seems to be blocking servers that generate
lots of outbound spam (such servers typically allow open registration
and are not well-maintained). E.g. see here:

Any other ideas are welcome, but I don't think the issue of spam will
ever be 100% solved. I do believe we can get a long way though - spam
has never been solved entirely for email, but we have a lot of
advantages in XMPP, such as stronger server identity verification
built into the protocol.


More information about the Pkg-xmpp-devel mailing list