policy list integration mega-issue/roadmap #910

Open
opened 2025-07-23 18:22:12 +00:00 by nex · 2 comments
Owner

This issue details the planned features to be implemented with server-side policy list following. Each task will have one or more pull requests associated with it, and must be merged before being checked off here.

Tip

Please provide feedback on what you would like to see, or what your ideal implementation would look like!

Plans for server-side policy list following:

Stage 1 (initial):

  • Basic subscription support
  • Refusing to route joins for banned users/servers, or to banned rooms
  • Refusing to allow invites from banned users/servers/rooms

Stage 2 (feature sprint):

  • Option to suspend users on policy ban
  • Refuse outgoing invites to banned users/servers/rooms (?)
  • Automatically ban & defederate banned rooms
  • Server-side MSC4284 policy server, using the followed lists
  • Server-side basic moderation bot (banning and redacting users that get added to a policy list)

Stage 3 (final implementation round):

  • Option to deactivate and purge media for users banned for a specific reason
  • Admin commands to subscribe/unsubscribe from lists
  • Relevant documentation added to inform admins on how to use the new features

Note

The room-level moderation features proposed here (i.e. policy server & moderation bot) will be designed in a way that they can be used to protect small communities that may not need an advanced level of protection; however, they will not provide the same level of protection as Draupnir or Meowlnir.
The intention is that communities will still set up their own moderation tooling; however, they will not be required to in order to benefit from the protection that shared policy lists provide. This is seen as a win-win for everyone.

The server-side management features will also be entirely optional and disabled by default.

Owner

> Refusing to route joins for banned users

I wonder if this would slow down the reaction of mod bots given it guarantees that the join goes via a different server? Perhaps some way to trigger the mod bot preemptively banning when this happens.

> Refuse outgoing invites to banned users/servers/rooms

Reminds me of auto_deactivate_banned_room_attempts - can help flag suspicious users, perhaps logging some lists to the admin room and auto-suspending others (and ofc silently rejecting some lists)

Missing but could go in 1 or 2: Automatically block downloading and/or serving media from blocked servers, automatically deleting media from blocked servers

> Server-side MSC4284 policy server, using the followed lists

Probably needs to be in a different epic or something, and belongs after the mod bot imo if we're basing it off lists (or you get into a situation where events are being soft failed for a user that's still in the room). Should also be careful to not expose this endpoint unless it's actually in use.

> Server-side basic moderation bot

Probably don't want this to conflict with the 'support bot' idea, so need to keep track of the rooms we're moderating (invited to by an admin). Also should investigate renaming the admin bot first (even if only for new servers).

> Admin commands to subscribe/unsubscribe from lists

We can't have this at the same time as config file policy lists I don't think. Would need to look at declarative appservices.

Author
Owner

> We can't have this at the same time as config file policy lists I don't think

No, it'd probably replace them

Reference: continuwuation/continuwuity#910