diff --git a/xep-0377.xml b/xep-0377.xml index 45e5376d9..826721fda 100644 --- a/xep-0377.xml +++ b/xep-0377.xml @@ -6,10 +6,9 @@
- Spam Reporting + Blocking Command Reports - This document specifies a mechanism by which users can report spam and other - abuse to a server operator or other spam service. + This document specifies a mechanism by which reporting information can be attached to a Blocking Command (XEP-0191) request. It enables servers to process reports related to blocked entities while remaining focused on this specific workflow rather than general abuse reporting. &LEGALNOTICE; 0377 @@ -28,6 +27,18 @@ NOT_YET_ASSIGNED &sam; &gdk; + + 0.4.1 + 2026-02-25 + gdk + +
    +
  • Explicitly constrain scope.
    • +
  • Renamed from 'Spam Reporting' to 'Blocking Command Reports'.
    • +
  • Specify optional reporter anonymization method.
    • +
+ + 0.4.0 2025-04-09 @@ -72,13 +83,12 @@

- Many spam and abuse prevention techniques rely on users being able to report - other users who are sending unwanted messages, or specific instances of - abuse. - &xep0191; allows users to block spammers, but does not provide a mechanism - for them to report a reason for the block to the server operator. - This specification extends the blocking command to optionally provide an - abuse report. + Many spam and abuse prevention techniques rely on users being able to block + spammers. &xep0191; allows users to prevent unwanted messages, but does not + provide a mechanism for attaching a reason for the block to the server + operator. This specification extends the blocking command to optionally + include a report associated with the blocked entity. It is limited in scope + to this workflow and does not define a general-purpose reporting mechanism.

@@ -98,11 +108,14 @@

- Entities that support &xep0030; and abuse reporting using the blocking - command as defined in this spec MUST respond to service discovery requests - with a feature of 'urn:xmpp:reporting:1'. - Support for this namespace also indicates support for the abuse reporting - reasons defined in this document. + Entities that support &xep0030; and the inclusion of reporting information + in conjunction with the Blocking Command as defined in this specification + MUST respond to service discovery requests with a feature of + 'urn:xmpp:reporting:1'. + Advertising this feature indicates that the entity can receive reports + attached to a block, including the abuse reasons defined in this document. + It does not imply support for independent or generic reporting of spam or + abuse outside of the Blocking Command workflow. For example, a response from a server that supports reporting and understands the abuse and spam reasons defined later in this specification might look like the following: @@ -189,18 +202,22 @@ that do not explicitly include the corresponding processing option.

- Servers MAY anonymize any submission to third-party services to protect the identity - of the reporter. Servers SHOULD NOT protect the identity of the reported entity (the - alleged spammer/abuser), as it hurts processing without adding any significant - protection: it is likely that the origin server can easily look up the original - stanza in their local message archive anyway. Servers can anonymize the report by - removing the 'to' attribute of the reported message. + Servers MAY forward reports to third-party services. If a server chooses to + anonymize the reporter's identity, the only acceptable method is to remove + the 'to' attribute from the reported message within the report; no other + anonymization methods are defined by this specification. Servers SHOULD NOT + anonymize the reported entity (the blocked or allegedly abusive JID), as + doing so hinders processing and provides little practical privacy benefit, + since the origin server can typically retrieve the original message from + its local message archive. This ensures that any processing performed by + third-party services cannot reveal the identity of the reporter while + preserving the context necessary for handling the report.

- +

- To send a report, a report payload MAY be inserted into an <item/> - node sent as part of a request to block a spammer as defined in &xep0191;. + To send a report, a report payload MUST be included as part of an <item/> + node within a Blocking Command request as defined in &xep0191;. For example:

]]> +

+ Reports submitted outside of a Blocking Command are outside the scope of this XEP. +

Servers that receive a blocking command with a report MUST block the JID or return an error just as they would if no report were present. diff --git a/xep.ent b/xep.ent index 983075e23..1c9780bfa 100644 --- a/xep.ent +++ b/xep.ent @@ -1678,7 +1678,7 @@ IANA Service Location Protocol, Version 2 (SLPv2) Templates OpenPGP for XMPP Instant Messaging (XEP-0374) XEP-0374: OpenPGP for XMPP Instant Messaging <https://xmpp.org/extensions/xep-0374.html>." > XMPP Compliance Suites 2016 (XEP-0375) XEP-0375: XMPP Compliance Suites 2016 <https://xmpp.org/extensions/xep-0375.html>." > Pubsub Account Management (XEP-0376) XEP-0376: Pubsub Account Management <https://xmpp.org/extensions/xep-0376.html>." > -Spam Reporting (XEP-0377) XEP-0377: Spam Reporting <https://xmpp.org/extensions/xep-0377.html>." > +Blocking Command Reports (XEP-0377) XEP-0377: Spam Reporting <https://xmpp.org/extensions/xep-0377.html>." > OTR Discovery (XEP-0378) XEP-0378: OTR Discovery <https://xmpp.org/extensions/xep-0378.html>." > Pre-Authenticated Roster Subscription (XEP-0379) XEP-0379: Pre-Authenticated Roster Subscription <https://xmpp.org/extensions/xep-0379.html>." >