| 23 May 2025 |
 K900 | Yes and I'm not even convinced it's a good idea | 07:10:17 |
 emily | "In my opinion, the most interesting part to talk about above is MSC4284: Policy Servers. If you haven't already, read the matrix.org blog post on Introducing Policy Servers. In short, they're servers on the internet where you can send events to and have them be checked for spam/illegal imagery/etc. before allowing the event to be sent down to your users. You can think of them like a SpamChecker Synapse module, but homeserver implementation agnostic." | 07:10:41 |
| emily | right. | 07:10:43 |
| emily | (https://matrix.org/blog/) | 07:10:44 |
| emily | so… this doesn't even solve it for "us" | 07:10:58 |
| emily | like, it's something every one of the 5 billion homeservers our users run would have to implement, individually, right? | 07:11:12 |
| emily | (and also I assume that in practice there's going to be one policy server on matrix.org, because how many orgs are going to have the resources to negotiate access to the illegal content hash databases or staff people to do moderation work? so it's going to have a major centralizing effect on moderation policy) | 07:12:33 |
| emily | (…and also introduce a matrix.org SPOF on other homeservers 🙃) | 07:12:54 |
 @leira:matrix.org | Hi~ Can I get an invitation to the new NixOS room? | 07:13:19 |
| @leira:matrix.org | Thanks! | 07:14:17 |
| @leira:matrix.org left the room. | 07:15:35 |
 @raboof:matrix.org | if that'd exist we could at least realistically tell affected users "talk to your homeserver admin" instead of "uh yeah that's just how Matrix is rn", right? that seems like an improvement. (but indeed AFAICT a simple user reporting system would be both more useful and an order of magnitude easier to implement? am I missing something) | 07:17:34 |
| @raboof:matrix.org | oh policy servers are at the 'room level'? then that's nice but doesn't help against invite spam at all? | 07:20:11 |
 BeatLink | I think the only way to fix it is to implement better permission systems. Like for example, discord allows you to set who can create invite links, how long they are valid for and so on | 07:21:32 |
| BeatLink | Right now, anyone in a room can invite anyone | 07:21:41 |
| emily | that's not our issue at all | 07:25:10 |
| emily | we have not had a single instance of anyone inviting a spammer with the rooms being invite-only | 07:25:27 |
| BeatLink | oh | 07:25:37 |
| BeatLink | im curious then, what is the main problem? | 07:25:50 |
| @raboof:matrix.org | spammers inviting users to rooms with names containing slurs (and hinting that the room will contain illegal/offensive material like CSAM, though I haven't joined obv) | 07:27:13 |
| BeatLink | ohhhhhhhhhh | 07:27:57 |
| BeatLink | oh no... | 07:28:03 |
| BeatLink | thats...bad | 07:28:18 |
| @raboof:matrix.org | right, and because the moderation tools are at the 'room level', but the invite is to a room controlled by the spammer, those moderation tools aren't effective against this. | 07:29:12 |
| BeatLink | makes sense | 07:29:30 |
 uep | in addition to spamming the rooms with that horror, of course. | 07:37:07 |
| uep | but yes, they're using invitations as the spam as well | 07:37:24 |
| @raboof:matrix.org | luckily I haven't seen the spam in the rooms, it sounded bad indeed... for that the current moderation tools are 'ok I suppose' though? and that policy server idea sounds like an improvement there. | 07:41:14 |
| BeatLink | i think policy servers could be a good thing. Kinda like bluesky's blocklists and similar to block lists used by ad blockers | 07:47:44 |
| BeatLink | having a centralized database of bad stuff would offload some of the burdens of each server's moderators | 07:48:12 |
