[Server Access Control Lists](https://spec.matrix.org/v1.10/server-server-api/#server-access-control-lists-acls)
and their associated [event](https://spec.matrix.org/v1.10/client-server-api/#mroomserver_acl),
`m.room.server_acl`, are intended to control which servers can interact
with a Matrix room
### Problem: ambient room access
Overwhelmingly server ACL use in the federation is as a
reactive measure to servers which are known to proliferate abuse.
These servers are often added to the `deny` list, and it is the author's
subjective understanding that the majority of public Matrix rooms
use an allow list of `["*"]`. For any room with an `allow` literal of
`["*"]`, servers are given unrestricted authority to interact with
the room, even poison the DAG, before a room administrator is even
aware of the attacking server's existence[^room-admin]. As the
the room admin is unaware of the existence of the attacking server,
this means that they or their tooling will be unable to research
the reputation of the server and determine whether to `deny` them
until an attack is already underway, which is too late.
This is why we are introducing the `m.server.knock_rule` later in this
proposal. DO NOT assume this is comparable to `membership` knocking
until you have read the proposal.
### Problem: leaky servers
Server ACLs are specified as restricting which requests a server
can make in relation to a room from the [server-server API](https://spec.matrix.org/v1.10/server-server-api/#server-access-control-lists-acls).
> The ACLs are applied to servers when they make requests
> Note: Server ACLs do not restrict the events relative to the room DAG via authorisation rules, but instead act purely at the network layer to determine which servers are allowed to connect and interact with a given room.
There is one notable exception to this, which is currently