Skip to content

MSC4294: Ignore and mass ignore invites #4294

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

MSC4294: Ignore and mass ignore invites #4294

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
1ccfe60
Add ignore invites proposal.
grinapo May 29, 2025
ce4afa1
Rename file to PR number.
grinapo May 29, 2025
4907dbc
Rename doc internal title
grinapo May 29, 2025
52c5d9b
MSC4294: specifying relation between ignore and ignored_inviters
grinapo May 29, 2025
b68209b
Update 4294-ignore-invites.md
grinapo May 29, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
64 changes: 64 additions & 0 deletions proposals/4294-ignore-invites.md
View file
Open in desktop
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Implementation requirements:

  • Client
  • Server

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall, I feel this MSC is in direct competition with #4155 which has a number of implementations and experimentation. If there's parts that 4155 doesn't cover, this MSC would be best positioned to propose extensions to 4155 so that it may protect more users.

Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
# MSC4294 Ignore and mass ignore invites

## Proposal

### Introduction

Invite spam is getting more problematic and clients have no good way to handle massive invite spamming without server support.

**Ignoring** users seem to help this but it has two serious problems:

- completely ignoring users make them completely disappear for the user, and if the user is also a moderator/adminstrator it makes impossible to detect and handle further abuse
- servers are not _required_ to clean up [invites] after ignored users (by the spec).

**Rejecting ignores** also creates problem for clients:

- Invite rejections are _room based_, so when a user is invited to massive amount of rooms by `spammer` then rejections require numerous `leave` API calls
- API calls are rate limited so massive rejections may be impossible without seriously disturbing user communication
- There are no mass invite rejection feature based on `sender`

This proposal suggests a separate ignore for invites, and proposes compulsory server cleanup of invites, giving one solution for all of the listed problems.

### Proposed solution

Ignores are currently handled by `m.ignored_user_list` (`account_data` [APIs](https://spec.matrix.org/v1.14/client-server-api/#put_matrixclientv3useruseridaccount_datatype)).

Current spec only handles `ignored_users` list.

I propose to have it extended by **`ignored_inviters`** list the following way:

- the type is `m.ignored_inviters_list`
- it is a mapping of userId to empty object, similar to `ignored_users`
- the limit of the amount of the entries shall follow the same guidelines as `ignored_users`

#### Server behaviour

- Following an update of the `m.ignored_user_list`, the sync API for all clients should immediately start ignoring (or un-ignoring) all invites from all the listed users.
- Servers are **required** to reject all pending invites from all the ignored inviter users.
- Servers could choose to provide a boilerplate `reason` for rejection (but see security considerations below)

## Potential issues

When the server doesn't support this feature it should give appropriate error to the client, and the client have to handle that.

Clients should be aware of the success of the ignore somehow since they need a method to clear pending invited from the user UI. The method should be the same as for `ignored_users`.

This proposal does not handle rejection of all future invites.

This proposal does not handle rejection of future invites of various logical classification, like "invites from actors not sharing a room with the user", "invites from actors matching a pattern or regex", "invites from actors on a given server". These are often requested features but would make this proposal much more complex, which would slow down its acceptance. These could be covered in a later proposal.

`ignored_users` and `ignored_inviters` may overlap. It seems to be logical to remove already completely ignored users from `ignored_inviters`, however this would cause loss of information, since when the user unignores someone then their invites would be automagically unignored as well. Servers **should not** deduplicate and let the clients decide how they handle this situation and what interface they provide to the users to handle this. Internally, servers should ignore processing `ignored_inviters` for already ignored users at all.

## Alternatives

Manual rejection, hitting rate limits, losing connection, spam invites piling up. Sadness.

## Security considerations

This function is fuctionally similar to `ignore_users`, any security consideration there may apply here.

When a server autorejects invites on the user behalf it may choose to include a boilerplate `reason` for the rejection. However this would cause an unnecessary information leak towards the abuser (informing whether the server provides mass ignore or not), so choosing to have an absent `reason` may be prudent, this way it is indistinguishable from manual rejections. This proposal provides no way for the user to provide a `reason` field, which may or may not cause discomfort.

## Unstable prefix

This proposal use the already established `m.ignored_user_list` feature, extending its functionality.