The text (#16 ) should explain that if joining was unwanted, the operator should be contacted (within the support room?) and/or that it can be kicked.

But effective abuse control through kicking requires that it also mentions kicking in the control room, and that would be additional complexity.

• At present, it only introduces itself in the initial post
• Provide an option for the bot to identify itself when queried (ideally by a moderator later on, but at present just by anyone).
• As a simple implementation, it could always reply when @mentioned.

• At present, anyone could get your bot banned by manually invite it or commanding it towards a high number of rooms (or just a few with a trigger-happy moderator)
• As an easy workaround, only accept bot commands within its designated command room
• You may leave the room public while it is not abused, but as a benefit, you would see where it is commanded to and by whom (and ban those who abuse this right and/or make the room invite-only later on)

We sometimes invite it to rooms that are abandoned. These are very good inputs to the scam detector, but it makes no sense to mention "mods" if there is nobody there. The current workaround is if a mod mutes the whole room completely, which is not ideal.

It might be a good idea to have options to set this via #11

The bot could be controlled by slash commands in a designated room and/or by whoever invited it and/or from whichever room it was sent from there.

!police modmention false or !police modmention #room:example.com false

The bot writes "in null" if the room has no primary alias published (but may have aliases otherwise) Could we perhaps print (all of) its aliases in such cases?

Warning This pull request will break existing instances (if updated)

To fix your instance, you will have to go though the self-hosting instructions again.

The configuration file is now in YAML format. In addition, this PR also adds the authorizedUsers variable, which is a list / array of users that can use admin commands.

• Ran npm init to create fields in package.json
• Added start script that starts the bot (because why not)
• Change named field in package-lock.json to match with repository name (spam-police)

Summary of changes:

• Added, renamed, and resized headings
• Hyperlinked Matrix rooms/spaces
• Utilized the "new" note/warning labels
• Added UNIX commands so self-hosters can easily copy and paste
• Reworded and formatted text
• Added git as an optional requirement along with NodeJS and NPM

At present, the bot outputs a separate entry for each abuser.

In our ban reason, I mention all major rooms where the abuse happened. If I just blindly copy & paste these warnings, I will keep rewriting the rule for the user, thus losing the past list of abuse for him.

Hence it would be useful if the bot either replied to its previous warning for the same user, or if it edited the past warning to add new rooms there.

Some people invite it to experiment with it - you could need this as well.

Posts related to experimentation should not be cross-posted to the scam rooms as some may interpret it as abuse and place a global ban on the moderator playing with it.

• https://en.wikipedia.org/wiki/IDN_homograph_attack#Defending_against_the_attack
• https://en.wikipedia.org/wiki/Mathematical_Alphanumeric_Symbols#Latin_letters
• https://en.wikipedia.org/wiki/Letterlike_Symbols#Glyph_variants
• https://en.wikipedia.org/wiki/Enclosed_Alphanumeric_Supplement

It could be worthwhile to also implement some simple edit-distance based fuzzy typo allowance & fuzzy keyword matching might be set as well. And also, if a message contains too (many) characters not participating in valid words of the sentence, that would be a red flag.

Each room is limited to a single language in 99% of the cases, thus posting foreign spam is already a red flag. This is important in the dozens of local language rooms where the indiscriminate English spammer sometimes joins as well. But also, dictionaries exist (see your package manager, or Wiktionary, Wikipedia, etc). Or you could just go through the chat log to collect words and sentences used by non-troll members in the past (=ham) to help discriminate it from unusual content (spam).