masto meta, don't read really
I've blocked social.librem.one from this instance for now as it appears they've removed the ability to report users [1].
That seems like such a fundamental requirement of large scale federation that I can't really imagine dealing with an instance like that. If they eventually provide a reasonable explanation, or just fix the problem, I'll remove the block.
1) https://source.puri.sm/liberty/smilodon/commit/9cae431902a2c0ce6438c6722a3a901e279c78fc
PSA: botsin.space, spam
also, new account signups are still turned off for a little while, i'll reactivate those tonight or tomorrow
PSA: botsin.space, spam
i strongly suspect i'm fighting a losing battle here, the only question is who runs out of energy first, me or whoever is running this spam farm
PSA: botsin.space, spam
for context, there have been around 250 accounts that signed up in the last month which i've suspended for spam. Something like 175 of those were in the last week. They've sent thousands of spam statuses out. I've slowly ramped up tools to prevent that until this point.
re: datacenters, i pulled a set of 40 unique ip address of spammers. i can identify 35 of them as being in a datacenter. blocking those is an easy choice at that point.
PSA: botsin.space, spam
Hi all, I've added some code to botsin.space to help fight spam. the changes are:
1) prevent account signups from datacenters
2) prevent unsolicited statuses (in most cases) to users you don't follow
#1 is going to block many spam accounts, but is also probably going to be an issue for Tor users who want to create an account here. Sorry about that.
#2 should block a bunch of spam, and ideally you shouldn't be sending unsolicited messages anyway.
PSA: I wrote some code last night to prevent sending DMs to someone who does not follow you, if a link is included in the status. That's running on botsin.space now. Hopefully it helps with spam issues.
This is the commit: https://github.com/muffinista/mastodon/commit/45b0720bfaf7020385e00028f0929c40a637e679
If it works out, I'll refine it and write a PR for the main repo.
@muffinista@cybre.space testing this https://muffinlabs.com/
PSA: botsin.space, tor, etc
just to keep things interesting, while the traffic i'm dealing with comes from OVH, it does not appear to be using Tor
PSA: botsin.space, tor, etc
this whole thing sucks and is a huge weak spot in the fediverse right now
PSA: botsin.space, tor, etc
I am essentially left with three options:
1) Scan DMs for spam content
2) Block the IP range the content originates from
3) Shut down botsin.space
I will never do #1. I'd rather not do #3. That leaves #2
PSA: botsin.space, tor, etc
Meanwhile, I learned that a lot of Tor exit nodes are hosted on OVH. To be frank, your desire to maintain anonymity while viewing bots on the fediverse does not outweigh my needs to be a mentally healthy person. If I can find a way to allow Tor while blocking spam, I will do that, but I am not going to spend a lot of time on it because I don't expect it to be possible. I am truly sorry for any problems that causes. That said...
PSA: botsin.space, tor, etc
This is something I've been dealing with for a long time, and knowing that OVH won't do anything about it, I decided to block their netblocks from the botsin.space server.
I did that last night. This morning I removed those blocks, when I realized that a few mastodon instances are on OVH. I don't want to break federation so I'm going to rewrite the block rules to hopefully allow federation while blocking the spam.
PSA: botsin.space, tor, etc
As a professional sysadmin, I've been dealing with OVH almost since their inception and for most of that time it has been a source of a disproportionate amount of spam, server attacks, hacking attempts, and so on. What's more, I've experienced what amounts to criminal neglect when attempting to get them to deal with these sorts of issues.
hello! i run botsin.space but my main account is muffinista@cybre.space