Allow admins to refuse federation based on self-identified software

[dariusk]

Pitch

I want a feature where an admin can say "servers that self-identify as running a particular version of particular federated software are not allowed to federate with me". Basically a pre-emptive block (maybe with an additional option of "allow but only after moderation"). Ideally this is in the admin interface and not just command-line-based, so admins using managed hosting can take advantage.

This would rely on how remote servers identify the software they are running. Of course anyone can identify as anything, and this won't catch people who deliberately spoof their software identification, but for many uses cases this will be just fine.

Motivation

Potential uses:

• Don't allow servers running known insecure versions of software to federate with me
• Only let my server federate with people running the same software I do
• People who use Software X like to gang up on my users
• I disagree with how Software Y is licensed and would like to defederate automatically
• and probably many more

Anyway, these aren't necessarily uses I agree with but I think it's nice provide more moderation tools to admins.

[marrus-sh]

In addition to completely blocking federation, we would like to pre·emptively silence instances implementing global fulltext search to prevent unwanted replies.

[RockstarRaccoon]

I really don't like this idea, because of what it could potentially do to network connectivity. We already have a serious problem of it not being easy to tell which servers have what level of moderation, and thus which servers are blocking what, and the implementation of being able to opt out of quote-posts has recently dug back up the issue of servers blocking instances simply for implementing quote-posts, or at least a concern about it because I don't know how widespread that is.

What happens when a group of instances with zealous moderation all decide to use this to block everything that isn't vanilla Mastodon? It's no longer an open social network at that point, as it requires a specific program, and as of now, there's not an easy way for new users to tell the difference.

I think the tools we have now to block bad actor instances are More worth furthering. If we automate some sort of cross-server moderation, it should be based on the content of those instances, not what they are running.