we really shouldn't accept to_device messages for non-existent devices

[richvdh]

we sometimes get to_device messages for devices which have been deleted (for example, because clients send key_requests for them. They then just sit in device_inbox and fill up the disk.

[richvdh]

related: #3599

[anoadragon453]

After some local testing, it looks as if we do ignore to_device messages - both from federation and local clients - to devices that don't exist. I believe this line enforces that:

synapse/synapse/storage/databases/main/deviceinbox.py

Lines 509 to 513 in 6633a40

	# Only insert into the local inbox if the device exists on
	# this server
	device_id = row["device_id"]
	message_json = json_encoder.encode(messages_by_device[device_id])
	messages_json_for_user[device_id] = message_json

However, element-hq/element-web#15638 shows (and I can confirm a similar situation on my own homeserver) that to_device messages to public cross-signing keys are being captured and stored forever. They are also the most prevalent for my user in my homeserver's database.

So one of the main problems with device_inbox table growth may not be that we're not ignoring messages to unknown devices, as we do seem to be doing so. The cross-signing keys seem to be real devices that exist in the devices table.

[anoadragon453]

I think this can be closed in favour of #9348.