XMPP Service Operators - 2022-09-17

Where is this curated server list hosted that is used by e.g. kaidan?

https://providers.xmpp.net This one, Martin?

millesimus: thx

Nah. That one lists a lot of very good servers under not recommended.

I agree.

Not sure if it makes sense to recommend servers that are listed on the jabberspam blacklist. Users picking those might be disappointed if they can't talk to their friends on other servers.

That's a very very good point 😄

Martin: seems providers.xmpp.net need to add some new criteria to their ranking list? If you are on the soam list, automatic F.

Would make sense but I don't know what the operators of this list think about it.

Certainly more relevant then, they not listing the upload size

emus: melvo: ^ ✏

The impressum requires also info about support contact, hosting type (if applicable), data safety / retention, DR/RT policies (disaster recovery / recovery time) etc.

So mostly those services do not provide the relevant infos on the service site?

Martin: What exactly? and Which server is a spammer we list?

https://github.com/JabberSPAM/blacklist/blob/master/blacklist.txt#L2

I think listing servers (which is sort of recommending) which might very limited in federation as they appear on the blocklist doesn't make much sense.

Martin it's listed as D...

"Providers in this category cannot or should not be used for registration."

Exactly, I think it should not be listed at all. In D it is listed on the same level as conversations.im…

The key statement is automated registration. We can only recommend servers if such information is available as a reference (anything else is random). If we approach a fire and forget recommendation principle with this attempt to recommend servers which are suitable for unaware and non-tech-savvy users we need data to base evaluation on and second some level of what expectation a first XMPP experience should look like (compliance, support, and yes, upload sizes etc). But all this is under discussion and still development

Last but not least, the raw list can be applied and own filters. However, we don't recommend this.

> Certainly more relevant then, they not listing the upload size Please have a look at a provider's detail page. You will find the limits there.

There should rather be a spammer criteria, than not listing I believe

As emus said, all your suggestions are already on their way.

Here is the corresponding issue: https://invent.kde.org/melvo/xmpp-providers/-/issues/32

I don't see anything regarding spam servers there.

> There should rather be a spammer criteria, than not listing I believe How does listing spam servers help users who check your list to find a server? ✏

Holger: It exposes servers as *not* to register at least ✏

Yes but how does that help?

Why not just list those servers you deem suitable for registration?

> Why not just list those servers you deem suitable for registration? That's my point. Spam servers should simply not get listed.

Well, we always want to be transparent about what we do. Why not expose them as spammers?

emus: Why not list domains that don't offer XMPP? Seems unrelated to the goal of suggesting servers to newcomers.

> Well, we always want to be transparent about what we do. Maybe allow for explicitly querying your data for a specific server? I.e. similar to https://compliance.conversations.im – list suggestions and offer a domain input field?

Holger: The last thing I don't fully understand

> Holger: > 2022-09-17 05:35 (GMT+02:00) > emus: Why not list domains that don't offer XMPP? Seems unrelated to the goal of suggesting servers to newcomers. We experienced so far that the transparency usually results into improvement of server setups (also with respect to users). So, I believe this is a good thing.

Still the same topic: Your goal is listing suggestions. Why also list servers you _don't_ suggest? If the goal here is transparency, just add some domain input field that allows admins to check why their server isn't listed?

> We experienced so far that the transparency usually results into improvement of server setups (also with respect to users). So, I believe this is a good thing. Yes I see totally see how it makes sense to allow motivated admins to check how to get listed. But that could be done without cluttering the UI for end users, no?

Yeah. I personally think the best way is not to remove them, but bury them a bit more than they are now.

But then it's also going to bury various category D servers that are totally fine by most people's criteria 🙂

I'd prefer to not show servers that appear on the jabberspam list at all. If you *really*, *really* want to show all servers then making appearance on the jabberspam list showing up under "F" and not on par with servers like conversations.im is still better than the current state.

Right now it is only creep.im (which is not critical, as nowadays the admin is reachable in this MUC and it could get delisted if the admin would go through the process) but what if other really bad spam servers get added to the list?

Martin: I really don't see the problem if the site flags it

If you think it's a site that only lists recommended servers, that's incorrect and maybe the site needs clarification

It's a directory of all public XMPP servers

They should be shown, otherwise it could be interpreted as "oh, they have miss to test it" and not as "be a bad one"

I see this list as a list of recommended servers and servers flagged as "bad, do not use" should not appear at all. Why would you add something to the list of suggestions only to flag it as "not suggested"?

That's why I said they shouldn't be removed, but definitely buried so people can't accidentally think they are recommended

Martin: for reference purposes

Ok, I see your point.

But then it should have a "F" category.

Like compliance.conversations.im lets you see non-compliant servers (but does not recommend them on the front page)

'D' is 'F'

Right now a server appearing on the jabberspam list is on the same level as conversations.im. For me that's questionable, at least.

Feel free to mark them as "evil" or "claoke" 😉

I agree that it should probably be more clearly separated

conversations.im being in the same category as worse servers is a separate problem

With different solutions

Yeah, missing max http-upload size and server being known for spam should have a different weight. :) ✏

So 3 actions for the project: 1) add a "is known spam server" property, 2) show category D servers less prominently and make it more clear they are NOT recommended, 3) fix the category of conversations.im (and probably others)

ernst.on.tour: claoke? Do you mean kloake? I would never suggest something like this. That's very disrespectful.

Number 2) is not a problem as it already red and states "Providers in this category cannot or should not be used for registration."

My issue was just that spam servers are listed on the same level as conversations.im while I rather have them not listed. But I can also understand your point that not listing them might lead people to the conclusion it might be a good server that has just not been evaluated yet.

I still think they shouldn't necessarily be on the front page ✏

They should be discoverable, but they are not relevant to 90% of people who are looking for a server to use

For people interested in the properties of a specific server or for a full directory of services, sure. But that need not be on the front page.

As MattJ already said, the website is for all providers, not only suggested ones. If all clients integrate XMPP Providers (by using at least catehory C providers), no user will ever need to visit that website and see providers in category D. That is the goal instead of havin yet another website listing providers for users. conversations.im will get to A as soon as we are finished with the automation work. ✏

As MattJ already said, the website is for all providers, not only suggested ones. If all clients integrate XMPP Providers (by using at least catehory C providers), no user will ever need to visit that website and see providers in category D. That is the goal instead of having yet another website listing providers for users. conversations.im will get to A as soon as we are finished with the automation work. ✏

The main target of the website are the providers theirselves to see how they can improve their category and client developers to see what XMPP Providers is about.

We will introduce a property for spam servers as well once we have more automation.

Good. :)

> For people interested in the properties of a specific server or for a full directory of services, sure. But that need not be on the front page. I agree with MattJ ^

melvo: what remains to be done for the automation work?

> So 3 actions for the project: 1) add a "is known spam server" property, 2) show category D servers less prominently and make it more clear they are NOT recommended, 3) fix the category of conversations.im (and probably others) conversations.im and those others are classified as 'D' based on missing data for classification. Which seems like a contradiction in itself to me.

MattJ: The points mentioned in https://invent.kde.org/melvo/xmpp-providers/-/issues/32 and some others not yet added to it.

> The main target of the website are the providers theirselves to see how they can improve their category What's the advantage of publishing a *list* for this purpose, as opposed to an input field that allows admins to query the data/classification of their server?

Public shaming is a powerful motivator

or, chasing those green checkboxes

Zash: Yes I'm assuming that's the motivation indeed.

I am of course assuminguessing too

I think (1) that's not cool and (2) it doesn't help with the intended purpose.

(2) because people get the impression that the list yields wierd results.

Holger [18:45]: > > conversations.im and those others are classified as 'D' based on missing data for classification. Which seems like a contradiction in itself to me. This seems like a good argument for a separate "incomplete" category

And I'd think just _not_ listing servers would give interested admins enough incentive just fine.

> If you think it's a site that only lists recommended servers, that's incorrect and maybe the site needs clarification > It's a directory of all public XMPP servers So it's a directory of *all* federating XMPP servers, classified by criteria relevant to one specific use case (registering for a server that works well with mobile IM clients)?

I'm under the impression that it's partly a list of public servers along with details like file upload limits etc, and partly a opinionated grouping of those, that is optional to use.

with the intent of being embedded in clients for use in "create account" dialogs

So clients could use the existing ranking, or invent their own based on the available data.

Yes that part is cool 🙂

Whether the ranking is useful is up to clients and other users of the data I suppose. As a server dev, I'm not sure my opinion matters that much. :)

I.e. gathering data and allowing clients to filter servers based on criteria (and maybe offering filters for common use cases).

Public shaming not so much.

If you apply any subjective criteria, it's probably also subjective whether it counts as public _shaming_...

Apart from all that I'd allow server admins to opt out from being listed.

Having an "incomplete data" category does seem sensible imo.

Zash: Well it clearly says "should not be used for registration", so it triggers questions from power users worried that they registered with something bad.

Opinions!

But yeah, that does sound a bit harsh, especially if it's really about incomplete data.

Seems the opinion of an xmpp.net subdomain has some kind of authority.

(And no my _personal_ issue isn't being listed as 'D' but not being able to get off that list.)

And also my football team lost today.

And it's raining again!

> And also my football team lost today. 1.FC BM ? 😂 > And it's raining again! Wrong place, sun is/was shining whole day 😝

s/place/location

Holger: I thought I was helping nurture community projects by offering subdomains and hosting this way, but to be honest it's been mostly nothing but trouble for me since I started 😐

> Seems the opinion of an xmpp.net subdomain has some kind of authority. Hmm, I recall this discussion from the lemmy thing. :D

MattJ: Sorry about that, I'll shut up on this topic in public.

MattJ: Don't know whether it helps you or not but my criticism would have been the same when it was providers.kaidan.im. :)

The thing is, now, I feel like being more careful about what I say "yes" to, but that will probably make the "authoritative" perception worse 😐

So maybe we just need more community projects that are absurd and totally can't be mistaken as any kind of "official" thing

open subdomain registration? :))

MattJ: gimme xmpp-sucks.xmpp.net 🙂

xD

that _one_ will do it

mjk: Something makes me think that won't make life easier 😄

> MattJ: gimme xmpp-sucks.xmpp.net 🙂 Not sure whether to show the 'xmpp sucks' meme there or forward to that GitHub project which controls vacuum cleaners using xmpp. 🧐

Why not both?!

Martin: why not both? make "I know" on the picture a clickable region

🤣

> The thing is, now, I feel like being more careful about what I say "yes" to, but that will probably make the "authoritative" perception worse 😐 Yes I totally get the issue and see no good solution. But I'd think this specific example is fine, I mean I was just suggesting changes and giving reasonings, it's not like I'm asking anyone to take that site down. If my suggestions aren't convincing so be it.

an easter egg

But actually I wonder that there is an issue with seeing an xmpp.net domain as an official endorsement as most, if not all, people here should know that it is not. Do we need a mandatory "This website is not provided nor endorsed by the XSF" banner on all xmpp.net domains? I strongly dislike banners like that, but I also don't want MattJ to be subject to complaints for stuff happening on subdomains on xmpp.net he (or iteam? no idea) gives away as I think it's useful to give xmpp projects the possibility to get a nice xmpp domain without having to rent one themselves. ✏

Having such in a footer might not be a bad thing

ernst.on.tour: > 1.FC BM ? 😂 Now I'm worried about my image in public!

I actually meant the youth team I coach. If we're taking Bundesliga, Hertha BSC played 1:1 yesterday, would've thought it's obvious that this is the best soccer club of all time.

There was no winner, so everybody lost!

> MattJ: > 2022-09-17 06:58 (GMT+02:00) > Like compliance.conversations.im lets you see non-compliant servers (but does not recommend them on the front page) > 'D' is 'F' Yup I think it rather makes sense to adjust C & D criteria instead of having another F. We have many of the critques & points listed to improve. We also think that the project has advanced any other attempt in that recommendation regard from a user perspective - but not exceeded its potential feature and fairness-wise. But it is a work in progress project and we needed to start somewhere. It was also not clear how fragemented and diverse the server setup spectra is. And also what kind of stuff people come up with. So, for the moment we would like to ask for some patience and bare with us until we get the automation done. Yes I agree that spammers or really bad guys should be shown differently than not being clear about some parameters. Last but not least: The website ist actually not the go-to for users. The users should.be onboarded through clients. In there you are free to not use list A of course or simply add if yoi think other servers should be in there. I also don't follow the public shaming thing. Yes, we have that categories, but to have some standard we need some parameters right? I think all the criteria are usually easy to come up with if your are motivated to and you get into B easy. And further more we never started blaming actively - instead we reached out or tried to discuss with all the server maintainers. The best example is the abondoned draugr.de server maintainer I had to send a postcard to reach - and it really worked. > So clients could use the existing ranking, or invent their own based on the available data. yes I hope that all content complaints are lead to us and not to MattJ

A postcard?

😲

emus: that is some dedication :)