mrf.md 5.01 KB
Newer Older
rinpatch's avatar
rinpatch committed
1
# Message Rewrite Facility
uiri's avatar
uiri committed
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
The Message Rewrite Facility (MRF) is a subsystem that is implemented as a series of hooks that allows the administrator to rewrite or discard messages.

Possible uses include:

* marking incoming messages with media from a given account or instance as sensitive
* rejecting messages from a specific instance
* removing/unlisting messages from the public timelines
* removing media from messages
* sending only public messages to a specific instance

The MRF provides user-configurable policies.  The default policy is `NoOpPolicy`, which disables the MRF functionality.  Pleroma also includes an easy to use policy called `SimplePolicy` which maps messages matching certain pre-defined criterion to actions built into the policy module.  
It is possible to use multiple, active MRF policies at the same time.

## Quarantine Instances

You have the ability to prevent from private / followers-only messages from federating with specific instances. Which means they will only get the public or unlisted messages from your instance.

If, for example, you're using `MIX_ENV=prod` aka using production mode, you would open your configuration file located in `config/prod.secret.exs` and edit or add the option under your `:instance` config object. Then you would specify the instance within quotes.
```
config :pleroma, :instance,
  [...]
  quarantined_instances: ["instance.example", "other.example"]
```

## Using `SimplePolicy`

`SimplePolicy` is capable of handling most common admin tasks.

To use `SimplePolicy`, you must enable it.  Do so by adding the following to your `:instance` config object, so that it looks like this:

```
config :pleroma, :instance,
  [...]
  rewrite_policy: Pleroma.Web.ActivityPub.MRF.SimplePolicy
```

Once `SimplePolicy` is enabled, you can configure various groups in the `:mrf_simple` config object.  These groups are:

* `media_removal`: Servers in this group will have media stripped from incoming messages.
* `media_nsfw`: Servers in this group will have the #nsfw tag and sensitive setting injected into incoming messages which contain media.
* `reject`: Servers in this group will have their messages rejected.
* `federated_timeline_removal`: Servers in this group will have their messages unlisted from the public timelines by flipping the `to` and `cc` fields.

Servers should be configured as lists.

### Example

This example will enable `SimplePolicy`, block media from `illegalporn.biz`, mark media as NSFW from `porn.biz` and `porn.business`, reject messages from `spam.com` and remove messages from `spam.university` from the federated timeline:

```
config :pleroma, :instance,
  rewrite_policy: [Pleroma.Web.ActivityPub.MRF.SimplePolicy]

config :pleroma, :mrf_simple,
  media_removal: ["illegalporn.biz"],
  media_nsfw: ["porn.biz", "porn.business"],
  reject: ["spam.com"],
  federated_timeline_removal: ["spam.university"]

```

### Use with Care

The effects of MRF policies can be very drastic.  It is important to use this functionality carefully.  Always try to talk to an admin before writing an MRF policy concerning their instance.

## Writing your own MRF Policy

As discussed above, the MRF system is a modular system that supports pluggable policies.  This means that an admin may write a custom MRF policy in Elixir or any other language that runs on the Erlang VM, by specifying the module name in the `rewrite_policy` config setting.

For example, here is a sample policy module which rewrites all messages to "new message content":

rinpatch's avatar
rinpatch committed
73
```elixir
uiri's avatar
uiri committed
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
# This is a sample MRF policy which rewrites all Notes to have "new message
# content."
defmodule Site.RewritePolicy do
  @behavior Pleroma.Web.ActivityPub.MRF

  # Catch messages which contain Note objects with actual data to filter.
  # Capture the object as `object`, the message content as `content` and the
  # message itself as `message`.
  @impl true
  def filter(%{"type" => Create", "object" => {"type" => "Note", "content" => content} = object} = message)
      when is_binary(content) do
    # Subject / CW is stored as summary instead of `name` like other AS2 objects
    # because of Mastodon doing it that way.
    summary = object["summary"]

    # Message edits go here.
    content = "new message content"

    # Assemble the mutated object.
    object =
      object
      |> Map.put("content", content)
      |> Map.put("summary", summary)

    # Assemble the mutated message.
    message = Map.put(message, "object", object)
    {:ok, message}
  end

  # Let all other messages through without modifying them.
  @impl true
  def filter(message), do: {:ok, message}
end
```

If you save this file as `lib/site/mrf/rewrite_policy.ex`, it will be included when you next rebuild Pleroma.  You can enable it in the configuration like so:

```
config :pleroma, :instance,
  rewrite_policy: [
    Pleroma.Web.ActivityPub.MRF.SimplePolicy,
    Site.RewritePolicy
  ]
```

rinpatch's avatar
rinpatch committed
119
Please note that the Pleroma developers consider custom MRF policy modules to fall under the purview of the AGPL.  As such, you are obligated to release the sources to your custom MRF policy modules upon request.