Rate-Limiting for set_presence changes

[lordgurke]

Description:

I notice that within the last few days (probably with a new version of Element Desktop) these clients start flooding my synapse server with presence changes if there are multiple sessions.
I observed over 30+ presence requests per second from single clients, giving noticeable load on the server.
These are changes which are flipping between set_presence=online and set_presence=unavailable.
This might be a bug somewhere in Element or Synapse at the moment, but a rogue client could deliberately flood the server with presence changes which then can render it completely unusable.
There should be a rate-limiting applied for presence updates per user or per session in order to prevent this.

[DMRobertson]

We did some work on this recently; this may be fixed by sufficiently new versions. To that end: which version of Synapse are you using? Are you able to see which versions of Element are being used by the affected users e.g. by looking for user agents in the logs?

[DMRobertson]

recently

#16057 and #16066 are what I had in mind here.

[lordgurke]

Thanks for your response!
I checked and my server was running on 1.89.0.
An hour ago I updated to 1.96.1 and the issue seems gone since then, but there's a very low chance that the bad behaving client has not reconnected since. I think my current issue is gone, but nontheless I think there should be some sort of rate-limiting for presence updates.