Someone is scraping public #Matrix rooms for user data using a bot
@server_stats:nordgedanken.dev
https://stats.serverstats.nordgedanken.dev/app_direct/server_stats/
https://matrix.to/#/#server_stats:nordgedanken.dev
I really don't think this is GDPR compatible somehow?
My advice, yeet the bot. Is there a way to de-federate from that domain? I haven't actually seen that in the docs.
@kawaiipunk server-wide defederating isn't really a thing, but you could set a server acl to ban that server from a specific room. That's the only account being used tho so a ban is easier
@kawaiipunk yes. bots like Mjolnir (https://github.com/matrix-org/mjolnir) can be used to sync them across multiple