It would be great to have mod_firewall work on MUCs, and provide additional functionality there.
First, I have no idea whether mod_firewall would work on a MUC domain at all, and with which side effects.
Second, the following (native) features would be great:
- tracking of spammer occupant JIDs in a global (not per-MUC) list
- rejection of MUC messages that violate firewall rules
- silent dropping of MUC messages that violate firewall rules
- shadow-ban: only reflect messages to the sender, but to nobody else
- kick occupant
- ban occupant
- add occupant to spammer list