One thing Mastodon servers could do straight away is switch on "authorized fetch" (https://fedi.tips/authorized-fetch/).
It's off by default apparently because it uses more resources and used to break a lot of connections.
However, authorized fetch does seem to work much better nowadays? Maybe more servers need to switch it on?
(For whatever it's worth, been running authorized fetch on my own instance at social.growyourown.services and haven't run into any problems so far...)