Occasionally, a Multi-User Chat (XEP-0045) [1] moderator might wish to moderate certain groupchat messages by, for example, retracting them from the groupchat history as part of an effort to address and remedy issues such as message spam, indecent language for the venue or exposing private third-party personal information.
This XEP is designed in such a way to also allow other potential moderator actions, such as message editing, but these actions fall out of the scope of this XEP and we will only be considering message retractions.
Due to the federated nature of XMPP and as with any content moderation tool, the moderation request can only be considered as a hint and clients which don't support message moderation are not obligated to enforce any such request.
If a groupchat supports moderated message retraction, it MUST specify the 'urn:xmpp:message-moderate:1' feature in its service discovery information features as specified in Service Discovery (XEP-0030) [2] and the Entity Capabilities profile specified in Entity Capabilities (XEP-0115) [3].
Consider a situation where a user sends a message that may be deemed inappropriate by a groupchat moderator. The MUC will append a Unique and Stable Stanza IDs (XEP-0359) [4] stanza ID to the message before relaying it to all participants.
The moderator sees the message and indicates to their client that the message should be retracted. The client then sends an IQ stanza to the MUC service, requesting that the message be retracted.
An optional <reason/> element may be included inside the <moderate/> element, to provide a human-readable explanation why the message was retracted.
If the moderator is allowed to moderate the message, the MUC will send a message stanza to all participants (including the moderator), indicating that the message has been retracted and by whom.
This message will use Message Retraction (XEP-0424) [5] to indicate that it is a retraction, and will refer to the retracted message by its XEP-0359 Stanza ID. Care must be taken to use the stanza ID that was added by the MUC, i.e. which has a "by" attribute set to the MUC JID, and not some other stanza ID. The client MUST check that the correct stanza ID was used and ignore the stanza if not.
Inside the <retract/> element is a <moderated/> element indicating that the retraction was a moderator action, as well as an optional reason.
The MUC also responds with an IQ "result" stanza.
In case the message could for some reason not be retracted, the MUC responds with an IQ stanza of type error.
A Message Archive Management (XEP-0313) [6] service MAY replace the contents of a message, that was retracted due to moderation, with a 'tombstone' similar to the one described in Message Retraction (XEP-0424) [5].
The archiving service replaces the message contents (i.e. the <body/> and any related elements which might leak information about the original message) with a <retracted/> element which in turn contains a <moderated/> element.
Note the past tense in the element names, e.g. "retracted" instead of just "retract", to indicate that the retraction has already been executed and that this is therefore a tombstone and not an action that should be applied.
The <moderated/> element SHOULD have a 'by' attribute specifying the JID of the moderating entity. There might however be cases where it's preferable to not specify which JID was responsible for the moderation, for example when the moderation happens in an automated manner.
If the message was sent in a semi-anonymous MUC, the occupant id from Anonymous unique occupant identifiers for MUCs (XEP-0421) [7] SHOULD be included for the moderator in the <moderated/> element and for the original (retracted) message author in the <message/> element.
A moderator MUST NOT send a moderation request for a message with non-messaging payloads. For example, a moderator MUST NOT moderate a roster item exchange request or a file transfer part.
In MUCs, only moderation messages (not tombstones, but messages containing the <moderate/> element) received from the MUC service itself are legitimate, all other such messages MUST be discarded.
The MUC or other service that supports message retraction SHOULD prevent further distribution of a moderated retracted message and the archiving service MAY replace the retracted message with a tombstone.
There can never be a guarantee that a moderated message will appear as such in all clients. Clients should therefore, when possible, inform users that no such guarantee exists.
To prevent message spoofing, it's very important to check that the moderation message comes from the MUC service (as explained in the Business Rules section).
None.
The XMPP Registrar [8] includes 'urn:xmpp:message-moderate:1' in its registry of protocol namespaces (see <https://xmpp.org/registrar/namespaces.html>).
If the protocol defined in this specification undergoes a revision that is not fully backwards-compatible with an older version, the XMPP Registrar shall increment the protocol version number found at the end of the XML namespaces defined herein, as described in Section 4 of XEP-0053.
This document in other formats: XML PDF
This XMPP Extension Protocol is copyright © 1999 – 2020 by the XMPP Standards Foundation (XSF).
Permission is hereby granted, free of charge, to any person obtaining a copy of this specification (the "Specification"), to make use of the Specification without restriction, including without limitation the rights to implement the Specification in a software program, deploy the Specification in a network service, and copy, modify, merge, publish, translate, distribute, sublicense, or sell copies of the Specification, and to permit persons to whom the Specification is furnished to do so, subject to the condition that the foregoing copyright notice and this permission notice shall be included in all copies or substantial portions of the Specification. Unless separate permission is granted, modified works that are redistributed shall not contain misleading information regarding the authors, title, number, or publisher of the Specification, and shall not claim endorsement of the modified works by the authors, any organization or project to which the authors belong, or the XMPP Standards Foundation.
## NOTE WELL: This Specification is provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. ##
In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall the XMPP Standards Foundation or any author of this Specification be liable for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising from, out of, or in connection with the Specification or the implementation, deployment, or other use of the Specification (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if the XMPP Standards Foundation or such author has been advised of the possibility of such damages.
This XMPP Extension Protocol has been contributed in full conformance with the XSF's Intellectual Property Rights Policy (a copy of which can be found at <https://xmpp.org/about/xsf/ipr-policy> or obtained by writing to XMPP Standards Foundation, P.O. Box 787, Parker, CO 80134 USA).
The HTML representation (you are looking at) is maintained by the XSF. It is based on the YAML CSS Framework, which is licensed under the terms of the CC-BY-SA 2.0 license.
The Extensible Messaging and Presence Protocol (XMPP) is defined in the XMPP Core (RFC 6120) and XMPP IM (RFC 6121) specifications contributed by the XMPP Standards Foundation to the Internet Standards Process, which is managed by the Internet Engineering Task Force in accordance with RFC 2026. Any protocol defined in this document has been developed outside the Internet Standards Process and is to be understood as an extension to XMPP rather than as an evolution, development, or modification of XMPP itself.
The primary venue for discussion of XMPP Extension Protocols is the <standards@xmpp.org> discussion list.
Discussion on other xmpp.org discussion lists might also be appropriate; see <https://xmpp.org/community/> for a complete list.
Errata can be sent to <editor@xmpp.org>.
The following requirements keywords as used in this document are to be interpreted as described in RFC 2119: "MUST", "SHALL", "REQUIRED"; "MUST NOT", "SHALL NOT"; "SHOULD", "RECOMMENDED"; "SHOULD NOT", "NOT RECOMMENDED"; "MAY", "OPTIONAL".
1. XEP-0045: Multi-User Chat <https://xmpp.org/extensions/xep-0045.html>.
2. XEP-0030: Service Discovery <https://xmpp.org/extensions/xep-0030.html>.
3. XEP-0115: Entity Capabilities <https://xmpp.org/extensions/xep-0115.html>.
4. XEP-0359: Unique and Stable Stanza IDs <https://xmpp.org/extensions/xep-0359.html>.
5. XEP-0424: Message Retraction <https://xmpp.org/extensions/xep-0424.html>.
6. XEP-0313: Message Archive Management <https://xmpp.org/extensions/xep-0313.html>.
7. XEP-0421: Anonymous unique occupant identifiers for MUCs <https://xmpp.org/extensions/xep-0421.html>.
8. The XMPP Registrar maintains a list of reserved protocol namespaces as well as registries of parameters used in the context of XMPP extension protocols approved by the XMPP Standards Foundation. For further information, see <https://xmpp.org/registrar/>.
Note: Older versions of this specification might be available at https://xmpp.org/extensions/attic/
First draft
@report{brand2019message-moderation, title = {Moderated Message Retraction}, author = {Brand, JC}, type = {XEP}, number = {0425}, version = {0.3.0}, institution = {XMPP Standards Foundation}, url = {https://xmpp.org/extensions/xep-0425.html}, date = {2019-09-25/2023-03-02}, }
END