Matrix Allow/Block List

Blocking or allowing specific domain names or IPs address to communicate with your Matrix Homeserver

Synapse

To configure your Matrix federation for specific workspaces, you can define a subset of whitelisted servers in your Synapse server's configuration file (data/homeserver.yaml). By specifying this whitelist, you control which Matrix servers are allowed to federate with your workspace. If you don't specify this whitelist, the default behavior is to allow federation with any Matrix server. You can block undesired communication with specific homeservers or allow only the desired ones.

See the official Synapse documentation for more details about this configuration.

Block List

• Add the following to the Synapse configuration file:

  • ip_range_blacklist: Creates a block list by IP ranges (List all IPs you want as a YAML array).

To learn more, see Blacklisting IP ranges.

• Then, restart synapse server with this command:

docker restart synapse

Allow List

• Add the following to the Synapse configuration file:

  • ip_range_whitelist: Creates an allow list by IP ranges (List all IPs you want as a YAML array).

  • federation_domain_whitelist: Creates an allow list by domain names (List all domain names you want as a YAML array). Here is an example:

federation_domain_whitelist:
  - lon.example.com
  - nyc.example.com
  - syd.example.com

• Then, restart synapse server with this command:

docker restart synapse

To learn more, see federation_domain_whitelist.

Dendrite

Currently, Dendrite does not support creating allow/block lists.

Federate Two or More Rocket.Chat Workspaces

To set up two Rocket.Chat workspaces for exclusive federation between themselves,

• Configure each Rocket.Chat workspace with its Matrix server separately

• Whitelist the domains of both Rocket.chat workspaces on each instance.