Considering the open nature of the XMPP network and regular issues with abuse, I would like to see some form of rate-limiting/anti-abuse implementation for clients connected to OF.
Suggestions:
- Configurable rates to check on (messages/minute or messages/second)
- Potentially checking for large numbers of identical messages received
- If rates are exceeded, the option to drop messages (silently or with a message to the client)
- If rates are exceeded, automatic disabling of accounts (for severe cases, separate rate limits or repeat offenders?)
- Adding more client session info in the admin interface, e.g. the client user-agent, to be able to spot bots quickly
I'm not sure if this would be better implemented in the core or as a plugin, but it seems to me essential enough to consider it for the core.
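
The checks suggested above (a configurable rate, identical-message counting, dropping, and disabling repeat offenders) can be combined in one per-sender policy object. The following is an added sketch, not part of the original post and not Openfire code; the class name, thresholds and sample JIDs are hypothetical, and it only returns a verdict that the server would then act on.

```python
import hashlib
from collections import defaultdict, deque

ALLOW, DROP, DISABLE = "allow", "drop", "disable"

class MessageLimiter:
    """Hypothetical per-sender limiter; not an Openfire class."""

    def __init__(self, max_per_window=5, window=60.0, max_identical=3, strikes_to_disable=3):
        self.max_per_window = max_per_window          # configurable rate (messages per window)
        self.window = window                          # window length in seconds
        self.max_identical = max_identical            # identical bodies tolerated per window
        self.strikes_to_disable = strikes_to_disable  # repeat-offender threshold
        self.accepted = defaultdict(deque)            # sender -> (timestamp, body digest)
        self.strikes = defaultdict(int)
        self.disabled = set()

    def check(self, sender, body, now):
        """Return ALLOW, DROP or DISABLE for one message from `sender` at time `now`."""
        if sender in self.disabled:
            return DISABLE
        q = self.accepted[sender]
        while q and now - q[0][0] >= self.window:     # expire entries outside the window
            q.popleft()
        digest = hashlib.sha256(body.encode("utf-8")).digest()
        identical = sum(1 for _, d in q if d == digest)
        if len(q) >= self.max_per_window or identical >= self.max_identical:
            self.strikes[sender] += 1
            if self.strikes[sender] >= self.strikes_to_disable:
                self.disabled.add(sender)             # severe case: disable the account
                return DISABLE
            return DROP                               # caller drops silently or notifies the client
        q.append((now, digest))
        return ALLOW

# Constructed sample traffic: (seconds, sender, body)
SAMPLE = [(float(i), "alice@example.org", f"hello {i}") for i in range(6)]
SAMPLE += [(float(i), "bot@example.org", "buy now") for i in range(7)]
SAMPLE.append((61.0, "alice@example.org", "back again"))

def replay(traffic, limiter=None):
    """Run traffic in time order and return (sender, verdict) pairs."""
    limiter = limiter or MessageLimiter()
    return [(s, limiter.check(s, b, t)) for t, s, b in sorted(traffic)]

if __name__ == "__main__":
    for sender, verdict in replay(SAMPLE):
        print(sender, verdict)
```

Only accepted messages are recorded in the window, so a sender over the limit stays blocked until earlier messages age out, while each rejected attempt still counts as a strike.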