feat(event_auth): Add additional logging

.forgejo/workflows/release-image.yml

@@ -262,7 +262,7 @@ jobs:
             type=ref,event=branch,prefix=${{ format('refs/heads/{0}', github.event.repository.default_branch) != github.ref && 'branch-' || '' }}
             type=ref,event=pr
             type=sha,format=long
-            type=raw,value=latest,enable=${{ !startsWith(github.ref, 'refs/tags/v') }}
+            type=raw,value=latest,enable=${{ startsWith(github.ref, 'refs/tags/v') }}
           images: ${{needs.define-variables.outputs.images}}
           # default labels & annotations: https://github.com/docker/metadata-action/blob/master/src/meta.ts#L509
         env:

.forgejo/workflows/rust-checks.yml

@@ -73,6 +73,7 @@ jobs:
         run: |
           cargo clippy \
             --workspace \
+            --all-features \
             --locked \
             --no-deps \
             --profile test \
@@ -132,6 +133,7 @@ jobs:
         run: |
           cargo test \
             --workspace \
+            --all-features \
             --locked \
             --profile test \
             --all-targets \

CODE_OF_CONDUCT.md

@@ -59,7 +59,7 @@ representative at an online or offline event.
 ## Enforcement
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported to the community leaders responsible for enforcement over Matrix at [#continuwuity:continuwuity.org](https://matrix.to/#/#continuwuity:continuwuity.org) or email at <tom@tcpip.uk>, <jade@continuwuity.org> and <nex@continuwuity.org> respectively.
+reported to the community leaders responsible for enforcement over Matrix at [#continuwuity:continuwuity.org](https://matrix.to/#/#continuwuity:continuwuity.org?via=continuwuity.org&via=ellis.link&via=explodie.org&via=matrix.org) or email at <tom@tcpip.uk>, <jade@continuwuity.org> and <nex@continuwuity.org> respectively.
 All complaints will be reviewed and investigated promptly and fairly.
 
 All community leaders are obligated to respect the privacy and security of the

CONTRIBUTING.md

@@ -65,11 +65,11 @@ Tests, compilation, and linting can be run with standard Cargo commands:
 cargo test
 
 # Check compilation
-cargo check --workspace
+cargo check --workspace --all-features
 
 # Run lints
-cargo clippy --workspace
-# Auto-fix: cargo clippy --workspace --fix --allow-staged;
+cargo clippy --workspace --all-features
+# Auto-fix: cargo clippy --workspace --all-features --fix --allow-staged;
 
 # Format code (must use nightly)
 cargo +nightly fmt
@@ -166,7 +166,7 @@ their contributions accepted. This includes users who have been banned from
 continuwuity Matrix rooms for Code of Conduct violations.
 
 [issues]: https://forgejo.ellis.link/continuwuation/continuwuity/issues
-[continuwuity-matrix]: https://matrix.to/#/#continuwuity:continuwuity.org
+[continuwuity-matrix]: https://matrix.to/#/#continuwuity:continuwuity.org?via=continuwuity.org&via=ellis.link&via=explodie.org&via=matrix.org
 [complement]: https://github.com/matrix-org/complement/
 [sytest]: https://github.com/matrix-org/sytest/
 [mdbook]: https://rust-lang.github.io/mdBook/

Cargo.lock

@@ -3921,7 +3921,7 @@ checksum = "88f8660c1ff60292143c98d08fc6e2f654d722db50410e3f3797d40baaf9d8f3"
 [[package]]
 name = "ruma"
 version = "0.10.1"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=a4b948b40417a65ab0282ae47cc50035dd455e02#a4b948b40417a65ab0282ae47cc50035dd455e02"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da"
 dependencies = [
  "assign",
  "js_int",
@@ -3941,7 +3941,7 @@ dependencies = [
 [[package]]
 name = "ruma-appservice-api"
 version = "0.10.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=a4b948b40417a65ab0282ae47cc50035dd455e02#a4b948b40417a65ab0282ae47cc50035dd455e02"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da"
 dependencies = [
  "js_int",
  "ruma-common",
@@ -3953,7 +3953,7 @@ dependencies = [
 [[package]]
 name = "ruma-client-api"
 version = "0.18.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=a4b948b40417a65ab0282ae47cc50035dd455e02#a4b948b40417a65ab0282ae47cc50035dd455e02"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da"
 dependencies = [
  "as_variant",
  "assign",
@@ -3976,7 +3976,7 @@ dependencies = [
 [[package]]
 name = "ruma-common"
 version = "0.13.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=a4b948b40417a65ab0282ae47cc50035dd455e02#a4b948b40417a65ab0282ae47cc50035dd455e02"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da"
 dependencies = [
  "as_variant",
  "base64 0.22.1",
@@ -4008,7 +4008,7 @@ dependencies = [
 [[package]]
 name = "ruma-events"
 version = "0.28.1"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=a4b948b40417a65ab0282ae47cc50035dd455e02#a4b948b40417a65ab0282ae47cc50035dd455e02"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da"
 dependencies = [
  "as_variant",
  "indexmap 2.9.0",
@@ -4033,7 +4033,7 @@ dependencies = [
 [[package]]
 name = "ruma-federation-api"
 version = "0.9.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=a4b948b40417a65ab0282ae47cc50035dd455e02#a4b948b40417a65ab0282ae47cc50035dd455e02"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da"
 dependencies = [
  "bytes",
  "headers",
@@ -4055,7 +4055,7 @@ dependencies = [
 [[package]]
 name = "ruma-identifiers-validation"
 version = "0.9.5"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=a4b948b40417a65ab0282ae47cc50035dd455e02#a4b948b40417a65ab0282ae47cc50035dd455e02"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da"
 dependencies = [
  "js_int",
  "thiserror 2.0.12",
@@ -4064,7 +4064,7 @@ dependencies = [
 [[package]]
 name = "ruma-identity-service-api"
 version = "0.9.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=a4b948b40417a65ab0282ae47cc50035dd455e02#a4b948b40417a65ab0282ae47cc50035dd455e02"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da"
 dependencies = [
  "js_int",
  "ruma-common",
@@ -4074,7 +4074,7 @@ dependencies = [
 [[package]]
 name = "ruma-macros"
 version = "0.13.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=a4b948b40417a65ab0282ae47cc50035dd455e02#a4b948b40417a65ab0282ae47cc50035dd455e02"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da"
 dependencies = [
  "cfg-if",
  "proc-macro-crate",
@@ -4089,7 +4089,7 @@ dependencies = [
 [[package]]
 name = "ruma-push-gateway-api"
 version = "0.9.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=a4b948b40417a65ab0282ae47cc50035dd455e02#a4b948b40417a65ab0282ae47cc50035dd455e02"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da"
 dependencies = [
  "js_int",
  "ruma-common",
@@ -4101,7 +4101,7 @@ dependencies = [
 [[package]]
 name = "ruma-signatures"
 version = "0.15.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=a4b948b40417a65ab0282ae47cc50035dd455e02#a4b948b40417a65ab0282ae47cc50035dd455e02"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da"
 dependencies = [
  "base64 0.22.1",
  "ed25519-dalek",

Cargo.toml

@@ -352,7 +352,7 @@ version = "0.1.2"
 [workspace.dependencies.ruma]
 git = "https://forgejo.ellis.link/continuwuation/ruwuma"
 #branch = "conduwuit-changes"
-rev = "a4b948b40417a65ab0282ae47cc50035dd455e02"
+rev = "b753738047d1f443aca870896ef27ecaacf027da"
 features = [
     "compat",
     "rand",

README.md

@@ -115,7 +115,7 @@ When incorporating code from other forks:
 
 #### Contact
 
-Join our [Matrix room](https://matrix.to/#/#continuwuity:continuwuity.org) and [space](https://matrix.to/#/#space:continuwuity.org) to chat with us about the project!
+Join our [Matrix room](https://matrix.to/#/#continuwuity:continuwuity.org?via=continuwuity.org&via=ellis.link&via=explodie.org&via=matrix.org) and [space](https://matrix.to/#/#space:continuwuity.org?via=continuwuity.org&via=ellis.link&via=explodie.org&via=matrix.org) to chat with us about the project!
 
 <!-- ANCHOR_END: footer -->
 

conduwuit-example.toml

@@ -340,6 +340,22 @@
 #
 #federation_timeout = 300
 
+# MSC4284 Policy server request timeout (seconds). Generally policy
+# servers should respond near instantly, however may slow down under
+# load. If a policy server doesn't respond in a short amount of time, the
+# room it is configured in may become unusable if this limit is set too
+# high. 10 seconds is a good default, however dropping this to 3-5 seconds
+# can be acceptable.
+#
+# Please be aware that policy requests are *NOT* currently re-tried, so if
+# a spam check request fails, the event will be assumed to be not spam,
+# which in some cases may result in spam being sent to or received from
+# the room that would typically be prevented.
+#
+# About policy servers: https://matrix.org/blog/2025/04/introducing-policy-servers/
+#
+#policy_server_request_timeout = 10
+
 # Federation client idle connection pool timeout (seconds).
 #
 #federation_idle_timeout = 25

docs/appservices.md

@@ -3,7 +3,7 @@
 ## Getting help
 
 If you run into any problems while setting up an Appservice: ask us in
-[#continuwuity:continuwuity.org](https://matrix.to/#/#continuwuity:continuwuity.org) or
+[#continuwuity:continuwuity.org](https://matrix.to/#/#continuwuity:continuwuity.org?via=continuwuity.org&via=ellis.link&via=explodie.org&via=matrix.org) or
 [open an issue on Forgejo](https://forgejo.ellis.link/continuwuation/continuwuity/issues/new).
 
 ## Set up the appservice - general instructions

docs/community.md

@@ -75,9 +75,9 @@ subject to enforcement action.
 ## Matrix Community
 
 These Community Guidelines apply to the entire
-[Continuwuity Matrix Space](https://matrix.to/#/#space:continuwuity.org) and its rooms, including:
+[Continuwuity Matrix Space](https://matrix.to/#/#space:continuwuity.org?via=continuwuity.org&via=ellis.link&via=explodie.org&via=matrix.org) and its rooms, including:
 
-### [#continuwuity:continuwuity.org](https://matrix.to/#/#continuwuity:continuwuity.org)
+### [#continuwuity:continuwuity.org](https://matrix.to/#/#continuwuity:continuwuity.org?via=continuwuity.org&via=ellis.link&via=explodie.org&via=matrix.org)
 
 This room is for support and discussions about Continuwuity. Ask questions, share insights, and help
 each other out while adhering to these guidelines.
@@ -85,7 +85,7 @@ each other out while adhering to these guidelines.
 We ask that this room remain focused on the Continuwuity software specifically: the team are
 typically happy to engage in conversations about related subjects in the off-topic room.
 
-### [#offtopic:continuwuity.org](https://matrix.to/#/#offtopic:continuwuity.org)
+### [#offtopic:continuwuity.org](https://matrix.to/#/#offtopic:continuwuity.org?via=continuwuity.org&via=ellis.link&via=explodie.org&via=matrix.org)
 
 For off-topic community conversations about any subject. While this room allows for a wide range of
 topics, the same guidelines apply. Please keep discussions respectful and inclusive, and avoid
@@ -95,7 +95,7 @@ care and respect for diverse viewpoints.
 General topics, such as world events, are welcome as long as they follow the guidelines. If a member
 of the team asks for the conversation to end, please respect their decision.
 
-### [#dev:continuwuity.org](https://matrix.to/#/#dev:continuwuity.org)
+### [#dev:continuwuity.org](https://matrix.to/#/#dev:continuwuity.org?via=continuwuity.org&via=ellis.link&via=explodie.org&via=matrix.org)
 
 This room is dedicated to discussing active development of Continuwuity, including ongoing issues or
 code development. Collaboration here must follow these guidelines, and please consider raising

docs/development/hot_reload.md

@@ -196,5 +196,5 @@ The initial implementation PR is available [here][1].
 [4]: https://github.com/rust-lang/rust/issues/28794#issuecomment-368693049
 [5]: https://github.com/rust-lang/cargo/issues/12746
 [6]: https://crates.io/crates/hot-lib-reloader/
-[7]: https://matrix.to/#/#continuwuity:continuwuity.org
+[7]: https://matrix.to/#/#continuwuity:continuwuity.org?via=continuwuity.org&via=ellis.link&via=explodie.org&via=matrix.org
 [8]: https://crates.io/crates/libloading

engage.toml

@@ -96,6 +96,7 @@ script = """
 direnv exec . \
 cargo clippy \
     --workspace \
+    --all-features \
     --locked \
     --profile test \
     --color=always \

src/core/config/mod.rs

@@ -431,6 +431,23 @@ pub struct Config {
 	#[serde(default = "default_federation_timeout")]
 	pub federation_timeout: u64,
 
+	/// MSC4284 Policy server request timeout (seconds). Generally policy
+	/// servers should respond near instantly, however may slow down under
+	/// load. If a policy server doesn't respond in a short amount of time, the
+	/// room it is configured in may become unusable if this limit is set too
+	/// high. 10 seconds is a good default, however dropping this to 3-5 seconds
+	/// can be acceptable.
+	///
+	/// Please be aware that policy requests are *NOT* currently re-tried, so if
+	/// a spam check request fails, the event will be assumed to be not spam,
+	/// which in some cases may result in spam being sent to or received from
+	/// the room that would typically be prevented.
+	///
+	/// About policy servers: https://matrix.org/blog/2025/04/introducing-policy-servers/
+	/// default: 10
+	#[serde(default = "default_policy_server_request_timeout")]
+	pub policy_server_request_timeout: u64,
+
 	/// Federation client idle connection pool timeout (seconds).
 	///
 	/// default: 25
@@ -2208,6 +2225,8 @@ fn default_federation_conn_timeout() -> u64 { 10 }
 
 fn default_federation_timeout() -> u64 { 25 }
 
+fn default_policy_server_request_timeout() -> u64 { 10 }
+
 fn default_federation_idle_timeout() -> u64 { 25 }
 
 fn default_federation_idle_per_host() -> u16 { 1 }

src/core/matrix/state_res/event_auth.rs

@@ -149,8 +149,7 @@ where
 	for<'a> &'a E: Event + Send,
 {
 	debug!(
-		event_id = format!("{}", incoming_event.event_id()),
-		event_type = format!("{}", incoming_event.event_type()),
+		event_type = ?incoming_event.event_type(),
 		"auth_check beginning"
 	);
 
@@ -217,8 +216,9 @@ where
 	}
 
 	/*
-	// TODO: In the past this code caused problems federating with synapse, maybe this has been
-	// resolved already. Needs testing.
+	// TODO: In the past this code was commented as it caused problems with Synapse. This is no
+	// longer the case. This needs to be implemented.
+	// See also: https://github.com/ruma/ruma/pull/2064
 	//
 	// 2. Reject if auth_events
 	// a. auth_events cannot have duplicate keys since it's a BTree
@@ -376,6 +376,11 @@ where
 			&user_for_join_auth_membership,
 			&room_create_event,
 		)? {
+			warn!(
+				target_user = ?target_user,
+				sender = ?sender,
+				"m.room.member event was not allowed",
+			);
 			return Ok(false);
 		}
 
@@ -411,7 +416,10 @@ where
 	let membership_state = membership_state.deserialize()?;
 
 	if !matches!(membership_state, MembershipState::Join) {
-		warn!("sender's membership is not join");
+		warn!(
+			membership = %membership_state,
+			"sender's membership is not join"
+		);
 		return Ok(false);
 	}
 
@@ -510,6 +518,7 @@ where
 		};
 
 		if !check_redaction(room_version, incoming_event, sender_power_level, redact_level)? {
+			warn!("redaction event was not allowed");
 			return Ok(false);
 		}
 	}

src/service/rooms/event_handler/mod.rs

@@ -6,6 +6,7 @@ mod handle_incoming_pdu;
 mod handle_outlier_pdu;
 mod handle_prev_pdu;
 mod parse_incoming_pdu;
+mod policy_server;
 mod resolve_state;
 mod state_at_incoming;
 mod upgrade_outlier_pdu;
@@ -37,6 +38,7 @@ struct Services {
 	server_keys: Dep<server_keys::Service>,
 	short: Dep<rooms::short::Service>,
 	state: Dep<rooms::state::Service>,
+	state_cache: Dep<rooms::state_cache::Service>,
 	state_accessor: Dep<rooms::state_accessor::Service>,
 	state_compressor: Dep<rooms::state_compressor::Service>,
 	timeline: Dep<rooms::timeline::Service>,
@@ -62,6 +64,7 @@ impl crate::Service for Service {
 				pdu_metadata: args.depend::<rooms::pdu_metadata::Service>("rooms::pdu_metadata"),
 				short: args.depend::<rooms::short::Service>("rooms::short"),
 				state: args.depend::<rooms::state::Service>("rooms::state"),
+				state_cache: args.depend::<rooms::state_cache::Service>("rooms::state_cache"),
 				state_accessor: args
 					.depend::<rooms::state_accessor::Service>("rooms::state_accessor"),
 				state_compressor: args

src/service/rooms/event_handler/policy_server.rs

@@ -0,0 +1,121 @@
+//! Policy server integration for event spam checking in Matrix rooms.
+//!
+//! This module implements a check against a room-specific policy server, as
+//! described in the relevant Matrix spec proposal (see: https://github.com/matrix-org/matrix-spec-proposals/pull/4284).
+
+use std::time::Duration;
+
+use conduwuit::{Err, Event, PduEvent, Result, debug, implement, warn};
+use ruma::{
+	RoomId, ServerName,
+	api::federation::room::policy::v1::Request as PolicyRequest,
+	events::{StateEventType, room::policy::RoomPolicyEventContent},
+};
+
+/// Asks a remote policy server if the event is allowed.
+///
+/// If the event is the `org.matrix.msc4284.policy` configuration state event,
+/// this check is skipped. Similarly, if there is no policy server configured in
+/// the PDU's room, or the configured server is not present in the room, the
+/// check is also skipped.
+///
+/// If the policy server marks the event as spam, Ok(false) is returned,
+/// otherwise Ok(true) allows the event. If the policy server cannot be
+/// contacted for whatever reason, Err(e) is returned, which generally is a
+/// fail-open operation.
+#[implement(super::Service)]
+#[tracing::instrument(skip_all, level = "debug")]
+pub async fn ask_policy_server(&self, pdu: &PduEvent, room_id: &RoomId) -> Result<bool> {
+	if *pdu.event_type() == StateEventType::RoomPolicy.into() {
+		debug!(
+			room_id = %room_id,
+			event_type = ?pdu.event_type(),
+			"Skipping spam check for policy server meta-event"
+		);
+		return Ok(true);
+	}
+	let Ok(policyserver) = self
+		.services
+		.state_accessor
+		.room_state_get_content(room_id, &StateEventType::RoomPolicy, "")
+		.await
+		.map(|c: RoomPolicyEventContent| c)
+	else {
+		return Ok(true);
+	};
+
+	let via = match policyserver.via {
+		| Some(ref via) => ServerName::parse(via)?,
+		| None => {
+			debug!("No policy server configured for room {room_id}");
+			return Ok(true);
+		},
+	};
+	if via.is_empty() {
+		debug!("Policy server is empty for room {room_id}, skipping spam check");
+		return Ok(true);
+	}
+	if !self.services.state_cache.server_in_room(via, room_id).await {
+		debug!(
+			room_id = %room_id,
+			via = %via,
+			"Policy server is not in the room, skipping spam check"
+		);
+		return Ok(true);
+	}
+	let outgoing = self
+		.services
+		.sending
+		.convert_to_outgoing_federation_event(pdu.to_canonical_object())
+		.await;
+	debug!(
+		room_id = %room_id,
+		via = %via,
+		outgoing = ?outgoing,
+		"Checking event for spam with policy server"
+	);
+	let response = tokio::time::timeout(
+		Duration::from_secs(self.services.server.config.policy_server_request_timeout),
+		self.services
+			.sending
+			.send_federation_request(via, PolicyRequest {
+				event_id: pdu.event_id().to_owned(),
+				pdu: Some(outgoing),
+			}),
+	)
+	.await;
+	let response = match response {
+		| Ok(Ok(response)) => response,
+		| Ok(Err(e)) => {
+			warn!(
+				via = %via,
+				event_id = %pdu.event_id(),
+				room_id = %room_id,
+				"Failed to contact policy server: {e}"
+			);
+			// Network or policy server errors are treated as non-fatal: event is allowed by
+			// default.
+			return Err(e);
+		},
+		| Err(_) => {
+			warn!(
+				via = %via,
+				event_id = %pdu.event_id(),
+				room_id = %room_id,
+				"Policy server request timed out after 10 seconds"
+			);
+			return Err!("Request to policy server timed out");
+		},
+	};
+	if response.recommendation == "spam" {
+		warn!(
+			via = %via,
+			event_id = %pdu.event_id(),
+			room_id = %room_id,
+			"Event was marked as spam by policy server",
+		);
+		return Ok(false);
+	}
+
+	Ok(true)
+}

src/service/rooms/event_handler/upgrade_outlier_pdu.rs

@@ -1,7 +1,7 @@
 use std::{borrow::Borrow, collections::BTreeMap, iter::once, sync::Arc, time::Instant};
 
 use conduwuit::{
-	Err, Result, debug, debug_info, err, implement, is_equal_to,
+	Err, Result, debug, debug_info, err, implement, info, is_equal_to,
 	matrix::{Event, EventTypeExt, PduEvent, StateKey, state_res},
 	trace,
 	utils::stream::{BroadbandExt, ReadyExt},
@@ -17,6 +17,13 @@ use crate::rooms::{
 };
 
 #[implement(super::Service)]
+#[tracing::instrument(
+	level = "debug",
+	skip_all,
+	fields(
+		event_id = incoming_pdu.event_id().as_str(),
+	)
+)]
 pub(super) async fn upgrade_outlier_to_timeline_pdu<Pdu>(
 	&self,
 	incoming_pdu: PduEvent,
@@ -47,7 +54,7 @@ where
 		return Err!(Request(InvalidParam("Event has been soft failed")));
 	}
 
-	debug!("Upgrading to timeline pdu");
+	trace!("Upgrading PDU from outlier to timeline");
 	let timer = Instant::now();
 	let room_version_id = get_room_version_id(create_event)?;
 
@@ -55,7 +62,7 @@ where
 	//     backwards extremities doing all the checks in this list starting at 1.
 	//     These are not timeline events.
 
-	debug!("Resolving state at event");
+	trace!("Resolving state at event");
 	let mut state_at_incoming_event = if incoming_pdu.prev_events().count() == 1 {
 		self.state_at_incoming_degree_one(&incoming_pdu).await?
 	} else {
@@ -74,7 +81,7 @@ where
 
 	let room_version = to_room_version(&room_version_id);
 
-	debug!("Performing auth check");
+	trace!("Performing auth check to upgrade");
 	// 11. Check the auth of the event passes based on the state of the event
 	let state_fetch_state = &state_at_incoming_event;
 	let state_fetch = |k: StateEventType, s: StateKey| async move {
@@ -84,6 +91,7 @@ where
 		self.services.timeline.get_pdu(event_id).await.ok()
 	};
 
+	debug!("Running initial auth check");
 	let auth_check = state_res::event_auth::auth_check(
 		&room_version,
 		&incoming_pdu,
@@ -97,7 +105,7 @@ where
 		return Err!(Request(Forbidden("Event has failed auth check with state at the event.")));
 	}
 
-	debug!("Gathering auth events");
+	trace!("Gathering auth events");
 	let auth_events = self
 		.services
 		.state
@@ -115,6 +123,7 @@ where
 		ready(auth_events.get(&key).map(ToOwned::to_owned))
 	};
 
+	debug!("Running auth check with claimed state auth");
 	let auth_check = state_res::event_auth::auth_check(
 		&room_version,
 		&incoming_pdu,
@@ -125,8 +134,11 @@ where
 	.map_err(|e| err!(Request(Forbidden("Auth check failed: {e:?}"))))?;
 
 	// Soft fail check before doing state res
-	debug!("Performing soft-fail check");
-	let soft_fail = match (auth_check, incoming_pdu.redacts_id(&room_version_id)) {
+	debug!(
+		event_id = %incoming_pdu.event_id,
+		"Performing soft-fail check"
+	);
+	let mut soft_fail = match (auth_check, incoming_pdu.redacts_id(&room_version_id)) {
 		| (false, _) => true,
 		| (true, None) => false,
 		| (true, Some(redact_id)) =>
@@ -140,7 +152,10 @@ where
 	// 13. Use state resolution to find new room state
 
 	// We start looking at current room state now, so lets lock the room
-	trace!("Locking the room");
+	trace!(
+		room_id = %room_id,
+		"Locking the room"
+	);
 	let state_lock = self.services.state.mutex.lock(room_id).await;
 
 	// Now we calculate the set of extremities this room has after the incoming
@@ -219,10 +234,60 @@ where
 			.await?;
 	}
 
+	if !soft_fail {
+		// Don't call the below checks on events that have already soft-failed, there's
+		// no reason to re-calculate that.
+		// 14-pre. If the event is not a state event, ask the policy server about it
+		if incoming_pdu.state_key.is_none() {
+			debug!("Checking policy server for event");
+			match self.ask_policy_server(&incoming_pdu, room_id).await {
+				| Ok(false) => {
+					warn!("Event has been marked as spam by policy server");
+					soft_fail = true;
+				},
+				| _ => {
+					debug!(
+						"Event has passed policy server check or the policy server was \
+						 unavailable."
+					);
+				},
+			}
+		}
+
+		// Additionally, if this is a redaction for a soft-failed event, we soft-fail it
+		// also.
+
+		// TODO: this is supposed to hide redactions from policy servers, however, for
+		// full efficacy it also needs to hide redactions for unknown events. This
+		// needs to be investigated at a later time.
+		if let Some(redact_id) = incoming_pdu.redacts_id(&room_version_id) {
+			debug!(
+				redact_id = %redact_id,
+				"Checking if redaction is for a soft-failed event"
+			);
+			if self
+				.services
+				.pdu_metadata
+				.is_event_soft_failed(&redact_id)
+				.await
+			{
+				warn!(
+					redact_id = %redact_id,
+					"Redaction is for a soft-failed event, soft failing the redaction"
+				);
+				soft_fail = true;
+			}
+		}
+	}
+
 	// 14. Check if the event passes auth based on the "current state" of the room,
 	//     if not soft fail it
 	if soft_fail {
-		debug!("Soft failing event");
+		info!(
+			event_id = %incoming_pdu.event_id,
+			"Soft failing event"
+		);
+		// assert!(extremities.is_empty(), "soft_fail extremities empty");
 		let extremities = extremities.iter().map(Borrow::borrow);
 
 		self.services
@@ -242,7 +307,10 @@ where
 			.pdu_metadata
 			.mark_event_soft_failed(incoming_pdu.event_id());
 
-		warn!("Event was soft failed: {:?}", incoming_pdu.event_id());
+		warn!(
+			event_id = %incoming_pdu.event_id,
+			"Event was soft failed"
+		);
 		return Err!(Request(InvalidParam("Event has been soft failed")));
 	}
 

src/service/rooms/timeline/create.rs

@@ -165,6 +165,25 @@ pub async fn create_hash_and_sign_event(
 		return Err!(Request(Forbidden("Event is not authorized.")));
 	}
 
+	// Check with the policy server
+	match self
+		.services
+		.event_handler
+		.ask_policy_server(&pdu, room_id)
+		.await
+	{
+		| Ok(true) => {},
+		| Ok(false) => {
+			return Err!(Request(Forbidden(debug_warn!(
+				"Policy server marked this event as spam"
+			))));
+		},
+		| Err(e) => {
+			// fail open
+			warn!("Failed to check event with policy server: {e}");
+		},
+	}
+
 	// Hash and sign
 	let mut pdu_json = utils::to_canonical_object(&pdu).map_err(|e| {
 		err!(Request(BadJson(warn!("Failed to convert PDU to canonical JSON: {e}"))))

src/web/templates/index.html.j2

@@ -7,7 +7,7 @@
     <p>To get started, you can:</p>
     <ul>
         <li>Read the <a href="https://continuwuity.org/introduction">documentation</a></li>
-        <li>Join the <a href="https://matrix.to/#/#continuwuity:continuwuity.org">Continuwuity Matrix room</a> or <a href="https://matrix.to/#/#space:continuwuity.org">space</a></li>
+        <li>Join the <a href="https://matrix.to/#/#continuwuity:continuwuity.org?via=continuwuity.org&via=ellis.link&via=explodie.org&via=matrix.org">Continuwuity Matrix room</a> or <a href="https://matrix.to/#/#space:continuwuity.org?via=continuwuity.org&via=ellis.link&via=explodie.org&via=matrix.org">space</a></li>
         <li>Log in with a <a href="https://matrix.org/ecosystem/clients/">client</a></li>
         <li>Ensure <a href="https://federationtester.matrix.org/#{{ server_name }}">federation</a> works</li>
     </ul>

theme/css/chrome.css

@@ -605,3 +605,8 @@ ul#searchresults span.teaser em {
     margin-inline-start: -14px;
     width: 14px;
 }
+
+/* HACK: Stop the keyboard shortcuts from adding a giant space at the top */
+#mdbook-help-container {
+    display: none;
+}