This issue has been migrated from #11148.
The current Admin API to fetch abuse reports is not really convenient.
This gives homeserver administrators two possibilities:
- Write a script to fetch abuse reports from the admin API and publish it somewhere readable, typically a room. It's possible but annoying to implement and deploy.
- Configure a reverse proxy to intercept calls to
/report and publish them somewhere readable, typically a room. Mjölnir recently started offering this feature but it's still a pain to configure correctly and extends the security perimeter of homeservers that use the feature.
We should consider the following change:
- publish abuse reports directly to a room, as structured messages (possibly based on MSC3215);
- let the admin pick a user id, room id, etc. in homeserver.yaml to determine which user will publish these reports and where;
- encourage admins to adopt a bot to turn these structured messages into human-readable, internationalized, abuse reports.
This issue has been migrated from #11148.
The current Admin API to fetch abuse reports is not really convenient.
This gives homeserver administrators two possibilities:
/reportand publish them somewhere readable, typically a room. Mjölnir recently started offering this feature but it's still a pain to configure correctly and extends the security perimeter of homeservers that use the feature.We should consider the following change: