In my experience, the standard behaviour for chat systems is to filter messages from people you don’t know/have not accepted yet. This is not a perfect solution, but I think it reduces unwanted messages/spam, identity theft, etc…
I believe (but can be wrong) that a good way to achieve this with XMPP is to set up every new account with a default privacy list such as :
<message/>
This way, advanced users (company accounts or whatnot) can still disable or enrich this policy as needed.
Unfortunately, I’ve not found any way to set up Openfire to do that upon registration. Unless there’s a better way, I will add this feature to the “Registration” plugin, with 3 settings : one to enable the feature, a String containing the name of the list, and another containing the XML of the list itself.
Is there any better way to achieve this ? Do you think such changes are likely to make it to the released packages (in which case I’ll prepare a pull-request) ?
Thanks in advance
EDIT : Branch is here. Pull request is here.
EDIT2 : XML more close to what’s used in actual implementation
That private list will also block MUC messages. If you really want to go down that road - blocking on presence status using privacy lists - make sure to whitelist the right things. Take also care of [OF-724] Privacy Lists should not block stanzas from service - IgniteRealtime JIRA
Thanks for your contribution! I’ve created [OF-1364] Registration plugin: allow default privacy list to be set - IgniteRealtime JIRA to track this change.