Search
Items tagged with: Spam
Addendum for mods/admins:
In the last spam wave, we found that most of the spam comes from instances we have had zero, or negligible, contact with. If you check the details of the server in the Moderation/Federation menu and it shows that there are no followings to/from it, it is safe (and wise) to suspend the whole server, not only the reported user. (More new users are usually spawned as long as the server is unsecured.)
#moderation #spam #admin
If you are using one of the *oma instances (Akkoma, Pleroma, etc): you can easily handle this spam wave without playing defederation whack-a-mole by doing the following:
- Enable
RejectNewlyCreatedAccountNotesPolicy
and set the limit to at least one hour. Note that this is not without tradeoffs: users who migrate to new accounts will not be able to reach your instance until their account is old enough, and will often wonder what’s going on. - Enable
HellthreadPolicy
to limit the maximum number of mentions in a post before it stops notifying mentioned users, or before it’s rejected outright. Temporarily decrease the limit during a spam wave if you need to. - Enable
KeywordPolicy
and add strings commonly found in spam posts, such as domain names (followed by a slash, to reduce false positives from real users simply mentioning the domain without linking it), hashtags, and uncommon words. Look up the “Scunthorpe Problem” if you’re unfamiliar.
When the dust settles, depending on available spoons, I might go through the instances that haven’t cleaned up spam after multiple days. Those are likely abandoned and extra-vulnerable to future attacks and block evaders. On *oma, these defederations will not sever connections and are reversible.
A pity that the project neglects Sieve a/o doesn't support github.com/thsmi/sieve
#thunderbird #sieve #email #spam
If you're new to Thunderbird, helping someone get started, or were just curious, we explain not only how Thunderbird's spam filters work, but our tips and tricks for putting them to work to keep your inbox spam and junk free. 📧
Do #Duolingo’s or #LinkedIn’s endless marketing emails get on your nerves? 🤔 🤔
We have collected tips to stop companies’ marketing and #spam emails.
Enjoy a clutter-free mailbox today! 🔒 ❤️
👇 👇 👇
tuta.com/blog/stop-email-spam-…
How to stop email spam and block invasive marketing strategies.
Using your email address for sign ups can quickly clutter your inbox with unwanted marketing emails. Luckily you can stop this wave of spam by changing the default settings.Tutanota
It's 2024 and #Google is now requiring bulk #email senders to use DMARC, SPF, & DKIM when emailing #Gmail users. 👍
👉 tuta.com/blog/google-introduci…
This is a great step, BUT why did they allow bulk senders to send #spam emails without proper #security standards until now? 🤔
Google introduces new security requirements for bulk email senders - but should have done so years ago.
Google and Yahoo! will require the use of DMARC, SPF, and DKIM in an attempt to crackdown on spam and phishing. It is surprising that these features were not already a requirement.Tutanota
My current half a year lasting experience on centralized #google drive service:
Hello all Fedi Admins who have problems with spam!
The Mute List 2.2.2
I have been updating the spam list and found ~104 additional instances that continued spamming! I, with lots of help of other Fedi Admins, have compiled the instances into a list which mutes them, and does not defederate from them!
I'd highly appreciate a small donation here as I've worked really hard and long on creating this, which given my current schedule I can hardly justify! Thanks!
There is a new type of spam, the same instances are affected as before. Those responsible in Japan are said to have been arrested.
Instructions and Explanation of the List.
Once this list is imported, most of the spam is gone. The whole thing is easy for you, with just one click! In addition, no instance is blocked forever, no followers etc. are destroyed or unfollowed, only muted.
You can simply import this list by going to https://yourinstance.tld/admin/export_domain_blocks/new
and replacing yourinstance.tld
with the domain of the instance you are the administrator of!
Alternatively, you can also click on Settings => Moderation => Federation => Import
to import this list.
Note that although all instances can be imported with one click, these instances must be removed individually when the spam is over.
Also note that it only makes sense to import this list and mute the spam instances if you have blocked your spam locally and permanently, as described here.
Here's to a spam-free Fediverse :apartyblobcat: !
#MastoAdmins #FediBlock #Spam #Spamwave #Fedimins #FediAdmin #FediAdmins FediAdminEN
Hallo alle Fedi-Admins die Probleme mit Spam haben!
Die Mute-Liste 2.2.2
Ich habe die Spam-Liste aktualisiert und ~104 zusätzliche Instanzen gefunden, die weiterhin spammen! Ich habe, mit viel Hilfe von anderen Fedi Admins, die Instanzen in einer Liste zusammengestellt, die sie stumm schaltet und nicht von ihnen deföderiert!
Ich würde mich sehr über eine kleine Spende hier freuen, da Ich wirklich hart und lange an der Erstellung dieser Liste gearbeitet habe, was Ich angesichts meines aktuellen Zeitplans kaum rechtfertigen kann! Dankeschön!
Es gibt eine neue Art von Spam, die gleichen Instanzen sind betroffen wie vorher. Die Verantwortlichen in Japan sollen verhaftet worden sein.
Anleitung und Erklärung zur Liste.
Ist diese Liste importiert ist ein Großteil des Spams vorbei. Das ganze ist für euch leicht, geht mit einem klick! Zudem wird keinerlei Instanz für immer geblockt, keinerlei Follower etc. zerstört oder deföderiert, sondern nur stummgeschaltet. Das ist sehr leicht umkehrbar.
Ihr könnet diese Liste einfach importieren, indem ihr auf https://yourinstance.tld/admin/export_domain_blocks/new
geht und yourinstance.tld
durch die Domain derer Instanz ersetzt, von der ihr der Administrator seid!
Alternativ könnt ihr auch auf Einstellungen => Moderation => Föderation => Importieren
drücken, um diese Liste zu importieren.
Beachtet, dass zwar alle Instanzen mit einem Klick importiert werden können, dass aber diese Instanzen einzeln entfernt werden müssen, wenn der Spam vorbei ist.
Beachtet auch, dass es nur Sinn ergibt, diese Liste zu importieren und die Spam-Instanzen stumm zu schalten, wenn ihr euren Spam lokal und nachhaltig blockiert habt, wie hier beschrieben.
Auf ein Spam-Freies Fediverse !
#MastoAdmins #FediBlock #Spam #Spamwelle #Fedimins #FediAdmin #FediAdmins FediAdminDE
Woha, this is unexpected: in a future update mastodon will automatically turn off open registration if no mod has logged in for a week or longer:
github.com/mastodon/mastodon/p…
This is great news, and should hopefully significantly cut down on abandoned servers being used to send spam!
(And this is in addition to also having open registrations off by default on new servers.)
Great news!
Automatically switch from open to approved registrations in absence of moderators by ClearlyClaire · Pull Request #29318 · mastodon/mastodon
This is not meant to replace #29280, but supplement it to avoid unmonitored servers keeping open registrations indefinitely. Automatically switch away from open registrations if no user with the pe...GitHub
This makes me furious. Please, stop using Discord. They are complicit if they keep the discord server responsible for keeping the spam attacks alive.
The big wave of spams is over? Thank you FediAdmins for doing what you do!
#krita #ArtWithOpenSource #FediArt #MastoArt #spam
Are you seeing spam? A poll
The fediverse is dealing with a major spam attack -- Heise has some coverage (in German).
But not everybody is seeing spam. Are you? If so how much?
@fediversenews #fediverse #spam
PS: if you are seeing spam, there's also afollowon poll asking where
Mastodon: Spamwelle zeigt Schwächen auf und weckt Sorge vor schlimmerer Methode
Seit Tagen klagen einige User auf Mastodon über eine Spamwelle. Der liegen automatisierte Angriffe auf unzureichend geschützte Teile des Fediverse zugrunde.Martin Holland (heise online)
- No spam -- lucky me! (83%, 10 votes)
- Just a bit (16%, 2 votes)
- A lot (0%, 0 votes)
- So much that I'm almost ready to log off (0%, 0 votes)
im getting really tired... -w-
summary of today:
someone on a Japanese hacker forum decided it was a good idea to spam the entire Fediverse because they wanted to cancel a minor that DDoSed a Discord bot which apparently made them lost millions (what?)
A Discord bot. I can't make this shit up man.
The real culprit seems to be someone who goes by mumei
in the ctkpaarr.org forums, whose first post was literally a threat to ap12, that if they don't delete their "Kuroneko Server" Discord bot, they will spam every blog, forum and SNS and cancel him.
This shit is ridiculous.
The ap12
account from mastodon-japan was actually fake, and this dude impersonated a minor to get all of the Fediverse (us) to bully him.
The forum admins didn't even stop this. Why? lulz apparently. #fediblockmeta#fediadmins#fediadmin#mastoadmin#mastoadmins#spam#cybercrime#cybersec#infosec#drama#discord
Resolved: Microsoft Outlook Blocking All Email from @tutanota.com Domain as Spam.
tuta.com/blog/outlook-falsely-…
This is just another example of how much power Microsoft has. But sometimes I'm not sure they really know what they're doing.
Anyway, dealing with Windows email users (businesses and individuals) can be a nightmare.
If you plan on using your own email server, sooner or later you'll be playing this game too.
#microsoft #outlook #hotmail #email #spam @Tutanota
Resolved: Microsoft Outlook Blocking All Email from @tutanota.com Domain as Spam.
Update: Emails from Tutanota.com no longer go to Spam in Outlook.Tutanota
#XMPP Events
XMPP Meet-up Berlin
@mattj talks about "Spam, Abuse and Moderation"
Wed, 2023-11-08 18:00 CET
#xHain hack+makespace
Grünberger Str. 16, 10243 #Berlin
mov.im/node/pubsub.movim.eu/be…
#Jabber #chat #community #meetup #community #spam #abuse #moderation #interoperability #standards #federation
#decentralization
Communities • MattJ talks about "Spam, Abuse and Moderation"
MattJ talks about "Spam, Abuse and Moderation" When? Wednesday, 2023-11-08 18:00 CET (always…mov.im
I have banned and purged sbcloud.cc from everywhere, based on this
2023-01-29T10:27:59Z worker [INFO]: Server peer update start {"url":"https://fed.sbcloud.cc","worker_id":"85e31dd","worker_cmd":"UpdateServerPeers"} - {"file":"UpdateServerPeers.php","line":54,"function":"execute","uid":"a33038","process_id":295381}
2023-01-29T10:27:59Z worker [INFO]: Server is unknown. Start discovery. {"Server":"https://1chs090ty.activitypub-troll.cf","worker_id":"85e31dd","worker_cmd":"UpdateServerPeers"} - {"file":"GServer.php","line":358,"function":"check","uid":"a33038","process_id":295381}
Since then worker doesn't pull in spambots again.
Now, it would be neat to know:
1. What exatly happened (I don't know the protocol that deeply)
2. Who did what
3. How to prevent that from happening in the future (both network-wise and locally)
Multiple Former Twitter Employees Note That Musk’s New Favorite Tool, Polls, Are Easily Gamed By Bots
techdirt.com/2022/12/02/multip…
#elonmusk #twitter #polls #bots #spam #1
Multiple Former Twitter Employees Note That Musk’s New Favorite Tool, Polls, Are Easily Gamed By Bots
Rolling Stone has a fun article quoting multiple former Twitter employees highlighting that polls are the least secure tool on the platform, and are regularly open to manipulation by bots: “Polls a…Techdirt