If you run a Matrix server
Open registration is disabled by default in Synapse, and we support that default. If your server offers open registration, you must invest in a safety team to provide appropriate moderation coverage, and mitigate the risks of allowing unknown users to use your server.
Review who is signing up for your server, and the rooms that your server joins.
Review reports from your users, and take action to remove harmful content they report. You should check your legal obligations in the country you host your server.
Work with other server operators to share information about harmful rooms and users. You can reach out to our Safety team at abuse@matrix.org to start that conversation.

In reply to @emma:rory.gay
what about it? its been known for years lol

In reply to @emma:rory.gay
matrix.org does not use a CSAM scanning tool.

🔗Approaches to tackling CSEA
[...]
We use Cloudflare’s CSAM detection APIs on unencrypted content on Matrix.org.
We use the IWF Hash, URL and Keyword lists from the IWF on unencrypted content on Matrix.org.
[...]

In reply to @emma:rory.gay
matrix.org does not use a CSAM scanning tool.

In reply to @emma:rory.gay
no matter how you turn it, you either pay cloudflare and only get protected for users on your own homeserver uploading CSAM (and break federation), or you become a large for-profit company

In reply to @emma:rory.gay
they publicly state that they rely on cloudflare to prevent CSAM being uploaded to their homeserver, and images posted in their rooms are merely scanned by mjolnir's NSFW.JS based protection (that gets patched out in nixpkgs anyways)