Skip to main content

Search

Items tagged with: fediadmin


If you are using one of the *oma instances (Akkoma, Pleroma, etc): you can easily handle this spam wave without playing defederation whack-a-mole by doing the following:

  • Enable RejectNewlyCreatedAccountNotesPolicy and set the limit to at least one hour. Note that this is not without tradeoffs: users who migrate to new accounts will not be able to reach your instance until their account is old enough, and will often wonder what’s going on.
  • Enable HellthreadPolicy to limit the maximum number of mentions in a post before it stops notifying mentioned users, or before it’s rejected outright. Temporarily decrease the limit during a spam wave if you need to.
  • Enable KeywordPolicy and add strings commonly found in spam posts, such as domain names (followed by a slash, to reduce false positives from real users simply mentioning the domain without linking it), hashtags, and uncommon words. Look up the “Scunthorpe Problem” if you’re unfamiliar.

When the dust settles, depending on available spoons, I might go through the instances that haven’t cleaned up spam after multiple days. Those are likely abandoned and extra-vulnerable to future attacks and block evaders. On *oma, these defederations will not sever connections and are reversible.

#Spam #SpamWave #FediAdmin


A so-called "AI-powered social network start-up" has started cloning posts from across the Fediverse without asking permission. You can find out more in this discussion thread:

social.wake.st/@liaizon/112603…

You might want to defederate from Maven, the domains to suspend are:

maven.ly
heymaven.com

This defederation will be much more effective if you have "authorized fetch" switched on, more info about it at fedi.tips/authorized-fetch

(via @liaizon)

#FediAdmin #MastoAdmin #Fediverse


Hello all Fedi Admins who have problems with spam!

The Mute List 2.2.2


I have been updating the spam list and found ~104 additional instances that continued spamming! I, with lots of help of other Fedi Admins, have compiled the instances into a list which mutes them, and does not defederate from them!

I'd highly appreciate a small donation here as I've worked really hard and long on creating this, which given my current schedule I can hardly justify! Thanks!

There is a new type of spam, the same instances are affected as before. Those responsible in Japan are said to have been arrested.

Download the list here.

Instructions and Explanation of the List.

Once this list is imported, most of the spam is gone. The whole thing is easy for you, with just one click! In addition, no instance is blocked forever, no followers etc. are destroyed or unfollowed, only muted.

You can simply import this list by going to https://yourinstance.tld/admin/export_domain_blocks/new and replacing yourinstance.tld with the domain of the instance you are the administrator of!

Alternatively, you can also click on Settings => Moderation => Federation => Import to import this list.

Note that although all instances can be imported with one click, these instances must be removed individually when the spam is over.

Also note that it only makes sense to import this list and mute the spam instances if you have blocked your spam locally and permanently, as described here.

Here's to a spam-free Fediverse :apartyblobcat: !

#MastoAdmins #FediBlock #Spam #Spamwave #Fedimins #FediAdmin #FediAdmins FediAdminEN


Hallo alle Fedi-Admins die Probleme mit Spam haben!

Die Mute-Liste 2.2.2


Ich habe die Spam-Liste aktualisiert und ~104 zusätzliche Instanzen gefunden, die weiterhin spammen! Ich habe, mit viel Hilfe von anderen Fedi Admins, die Instanzen in einer Liste zusammengestellt, die sie stumm schaltet und nicht von ihnen deföderiert!

Ich würde mich sehr über eine kleine Spende hier freuen, da Ich wirklich hart und lange an der Erstellung dieser Liste gearbeitet habe, was Ich angesichts meines aktuellen Zeitplans kaum rechtfertigen kann! Dankeschön!

Es gibt eine neue Art von Spam, die gleichen Instanzen sind betroffen wie vorher. Die Verantwortlichen in Japan sollen verhaftet worden sein.

Downloaded die Liste hier.

Anleitung und Erklärung zur Liste.

Ist diese Liste importiert ist ein Großteil des Spams vorbei. Das ganze ist für euch leicht, geht mit einem klick! Zudem wird keinerlei Instanz für immer geblockt, keinerlei Follower etc. zerstört oder deföderiert, sondern nur stummgeschaltet. Das ist sehr leicht umkehrbar.

Ihr könnet diese Liste einfach importieren, indem ihr auf https://yourinstance.tld/admin/export_domain_blocks/new geht und yourinstance.tld durch die Domain derer Instanz ersetzt, von der ihr der Administrator seid!

Alternativ könnt ihr auch auf Einstellungen => Moderation => Föderation => Importieren drücken, um diese Liste zu importieren.

Beachtet, dass zwar alle Instanzen mit einem Klick importiert werden können, dass aber diese Instanzen einzeln entfernt werden müssen, wenn der Spam vorbei ist.

Beachtet auch, dass es nur Sinn ergibt, diese Liste zu importieren und die Spam-Instanzen stumm zu schalten, wenn ihr euren Spam lokal und nachhaltig blockiert habt, wie hier beschrieben.

Auf ein Spam-Freies Fediverse :apartyblobcat:​ !

#MastoAdmins #FediBlock #Spam #Spamwelle #Fedimins #FediAdmin #FediAdmins FediAdminDE


im getting really tired... -w-

summary of today:

someone on a Japanese hacker forum decided it was a good idea to spam the entire Fediverse because they wanted to cancel a minor that DDoSed a Discord bot which apparently made them lost millions (what?)

A Discord bot. I can't make this shit up man.

The real culprit seems to be someone who goes by mumei in the ctkpaarr.org forums, whose first post was literally a threat to ap12, that if they don't delete their "Kuroneko Server" Discord bot, they will spam every blog, forum and SNS and cancel him.

This shit is ridiculous.

The ap12 account from mastodon-japan was actually fake, and this dude impersonated a minor to get all of the Fediverse (us) to bully him.

The forum admins didn't even stop this. Why? lulz apparently. #fediblockmeta#fediadmins#fediadmin#mastoadmin#mastoadmins#spam#cybercrime#cybersec#infosec#drama#discord


There's currently an incident involving some kind of Japanese skids who call themselves the "Kuroneko" organization.

They seem to be attempting to commit DDoS attacks on Misskey servers, constantly creating new accounts on compromised instances and spamming advertisements for their hacking services.

Admins who are federating with these compromised servers, while they might not get compromised themselves, may be affected by the sheer amount of traffic volume from their spam.

Admins are advised to #fediblock or temporarily stop sending requests to affected servers for now, if they don't want to get secondhand DoS'd

IMO I never expected them to be Japanese out of all things, kinda funny. They also host VOICEROID and VOICEVOX TTS bots on their Discord apparently. Kinda a weird flex I guess.

But yeah, probably just a bunch of skids.
#fediblock#fediadmin#fedadmins#mastodadmin#misskeyadmin


oh, here's some JUICY rumored details about meta's plans for the fediverse

tl;dr "Meta will only federate with select larger instances from the beginning. There will be contracts which also provide for financial compensation for the instance owners."

can't entirely verify their validity but it's still worth posting just in case

#FediPact #barcelona #project92 #p92 #meta #facebook #fediverse #fediblockmeta #FediAdmin #MastoAdmin #threads


PSA: It looks like mastodon.social has implemented hCAPTCHA on their signups yesterday.

So, if you have limited / suspended mastodon.social because of the spam issue, you may wish to reconsider this.

This will also likely mean that spammers will move to different instances (already seeing them targeting mastodon.world).

You may wish to consider implementing hCAPTCHA yourself to protect your own instance, and here is the relevant PR:

github.com/mastodon/mastodon/p…

The reason I'm suggesting this, is because if you are a small/medium instance with open registrations, and spammers find and abuse your instance, I imagine that other instances will limit/suspend your instance without hesitation, given how willing some were to limit/suspend the much larger mastodon.social.

But do note this comment on the PR:

“To give some context to people seeing this: this is an emergency feature backport from Glitch SOC to help mitigating an ongoing spam wave, this feature may not make it in a next release, or with significative changes.”


#MastoAdmin #FediAdmin #fediblock


One of the main challenges for new servers on here is discovering content to interact with.

Relays speed up the discovery process, and allow even a single user server to automatically see a large part of the Fediverse.

There's a new relay service by @astro­@c3d2.social called FediBuzz Relay:

➡️ relay.fedi.buzz

It allows servers to subscribe to custom relays based on tags or instances. (If you use this, can you let us know your experiences in the replies?)

#FediAdmin #MastoAdmin