You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Following on from matrix-org/mjolnir#300, rejecting spam invites can just precipitate more abuse, as it can alert attackers that their names have been added to a ban list. This could be addressed by silently dropping spam invites, rather than rejecting them with an error. For example if the spam check here https://github.com/element-hq/synapse/blob/568051c0f07393b786b9d813a1db53dd332c9fc2/synapse/handlers/room_member.py#L900-914 determines that the invite is spam, return early with a 200 rather than raising an 403 error.
This could either be implemented as-is or could be a config option to give people the ability to choose to silently ignore spam invites.
The text was updated successfully, but these errors were encountered:
Following on from matrix-org/mjolnir#300, rejecting spam invites can just precipitate more abuse, as it can alert attackers that their names have been added to a ban list. This could be addressed by silently dropping spam invites, rather than rejecting them with an error. For example if the spam check here
https://github.com/element-hq/synapse/blob/568051c0f07393b786b9d813a1db53dd332c9fc2/synapse/handlers/room_member.py#L900-914 determines that the invite is spam, return early with a 200 rather than raising an 403 error.
This could either be implemented as-is or could be a config option to give people the ability to choose to silently ignore spam invites.
The text was updated successfully, but these errors were encountered: