devture / matrix-corporal

Matrix Corporal: reconciliator and gateway for a managed Matrix server
GNU Affero General Public License v3.0

Add option to force disable all E2EE stuff on Matrix homeserver #8

Open MurzNN opened 4 years ago

MurzNN commented 4 years ago

While Synapse implements E2EE features, there is still no way to disable all E2EE stuff at the per-server level; here is the issue about this: https://github.com/matrix-org/synapse/issues/4401. For example, some corporate instances need all messages to be available on the server, so they want to force-disable all abilities to encrypt messages.

Until this is fixed in Synapse (and the spec), to solve this problem it would be good to implement some middleware in Matrix Corporal that would stop all client-server messages related to using E2EE stuff.

Is this possible, and is it hard to implement via current Matrix Corporal features?

spantaleev commented 4 years ago

It should be possible to intercept and reject certain endpoints (/key related APIs) and also prevent sending of some room messages (at least submitted from users on your server) which pertain to enabling encryption.

While possible, it's not really a single thing to intercept and block, so it is a little complicated. For now, I'm refraining from chasing these various things and working on such a feature. It should be possible though. And if there's demand or someone willing to work on it, that'd be nice.

Hopefully a Synapse feature will land, which would let people disable it there, so we wouldn't have to bother.

For completeness, I should mention that besides the Synapse thing, there's also a way to tell Riot clients to avoid E2EE (see https://github.com/vector-im/riot-web/pull/13914 and https://github.com/vector-im/riot-web/issues/13705). Of course, this only works with Riot and is more of a hint and not something that gets enforced.
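The kind of request filtering discussed in this thread, as an added example that is not matrix-corporal code and not written by either commenter: a Go function that classifies a Matrix client-server request as E2EE-related. The function name, the regular expressions and the sample request are constructed for illustration; it goes slightly beyond the comment above by also checking `m.room.encrypted` events and `createRoom` bodies, and it covers only those cases, not every E2EE-related API.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
)

// Constructed patterns for Matrix client-server API paths (r0 and v3 prefixes).
var (
	keysRe   = regexp.MustCompile(`^/_matrix/client/(r0|v3)/keys/`)
	eventRe  = regexp.MustCompile(`^/_matrix/client/(r0|v3)/rooms/[^/]+/(send|state)/([^/]+)`)
	createRe = regexp.MustCompile(`^/_matrix/client/(r0|v3)/createRoom$`)
)

// blockReason (hypothetical helper) returns why a request should be rejected,
// or "" to let it through. path is assumed to be the URL-decoded request path.
func blockReason(method, path string, body []byte) string {
	if keysRe.MatchString(path) {
		return "device key endpoint"
	}
	if m := eventRe.FindStringSubmatch(path); m != nil && method == "PUT" {
		switch m[3] { // m[3] is the event type segment of the path
		case "m.room.encryption":
			return "state event that enables room encryption"
		case "m.room.encrypted":
			return "encrypted room event"
		}
	}
	if method == "POST" && createRe.MatchString(path) {
		// A room can also be created with encryption already switched on.
		var req struct {
			InitialState []struct {
				Type string `json:"type"`
			} `json:"initial_state"`
		}
		if json.Unmarshal(body, &req) != nil {
			return "" // malformed body: left for the homeserver to reject
		}
		for _, ev := range req.InitialState {
			if ev.Type == "m.room.encryption" {
				return "createRoom with encryption in initial_state"
			}
		}
	}
	return ""
}

func main() { // constructed sample request
	fmt.Println(blockReason("PUT", "/_matrix/client/v3/rooms/!a:example.org/state/m.room.encryption/", nil))
}
```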