ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Asrg] 1. Inventory of Problems - Email vs. IM

2003-12-23 13:32:24
from [Yakov Shafranovich] [Permanent Link] 
[Subject changed. Mod.]

Jon Kyme wrote:

I don't use instant message or chat much, but it is my impression that
other than virusbots like fizzer, IRC doesn't have much of a spam
problem.  Why not?  I'd think that it wouldn't be hard to write
spamware that sprinkled messages all over IRC?  Why don't we see much
instant message spam (at least relative to e-mail spam)?  Is it that
the popular IM systems are all closed with a central control point?




I'd guess it's that IM is (nearly) synchronous and so pretty much
automatically educates users in the art of sender (-ve/+ve) listing. Is it
true that sender forgery isn't do-able in IM ?



With the current "big" centralized systems such as MSN, Yahoo, AIM and
ICQ that is true. However, with XMPP (Jabber), IM becomes distributed
among servers, just like email, with an ability for a malicious IM
server or an "IM relay" to be introduced into the system which can forge
IMs and inject spam IMs into the network.

If you take a look at the current XMPP draft, it explictly talks about
methods to detect malicious and forged servers. It recommends using SASL
and TLS for inter-server communications, and a DNS method kind of like
LMAP. There is also a "server callback" method, kind of like C/R for
servers, which was used before and is present for backwards
compatability. The draft is here:

http://www.ietf.org/internet-drafts/draft-ietf-xmpp-core-20.txt

It also includes the following interesting snippet, which basically says
that any IM server can deny access to any other IM server:

"  Because service provisioning is a matter of policy, it is OPTIONAL
   for any given domain to communicate with other domains, and
   server-to-server communications MAY be disabled by the administrator
   of any given deployment.  If a particular domain enables inter-domain
   communications, it SHOULD enable high security.
"

Yakov
P.S. As an interesting historical footnote, the original SMTP document, RFC 821, defines a bunch of other commands in addition to MAIL FROM, such as SEND FROM, SOML FROM, and SAML, which send messages directly to the user's terminal, whichs sounds awfully like IM. Just imagine if SMTP was used for IM... 


-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"Be liberal in what you accept, and conservative in what you send" (Jon Postel) 
-------


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Asrg] 0. General - Possible problems with IETF's servers, Yakov Shafranovich
Next by Date:  [Asrg] 6. Proposals - C/R and "callbacks", Yakov Shafranovich
Previous by Thread:  Re: [Asrg] Re: Why SPAM is worse in SMTP than in other protocols, David Maxwell
Next by Thread:  Re: [Asrg] Re: [1] Why SPAM is worse in SMTP than in other protocols, Jon Kyme
Indexes:  [Date] [Thread] [Top] [All Lists]