I think it may be time to start discussing how much longer we can onesie-twosie deal with spam from mastodon.social.
#lawfedi and #lawyer or #legal adjacent folks that haven't hopped to a smaller instance and are still on the main one, please consider making a move. We've had more spam reports today than in the last 6 months combined.
It doesn't have to be to https://esq.social if you don't want to, but we'd of course be happy to have you.
For sure, and like I said I really don't want to have to even explore it. We haven't had to to this point, as in the past it was handled quickly by the admins.
With mastodon.social, every week or two there is an influx of obvious bot accounts from the main instance pushing Dogecoin scams.
My larger problem with the bot accounts and spamming is if I imagine it as being something other than a pretty obvious Dogecoin fraud and it being instead, say, some spewed hate ... the lack of ability to curtail it quickly (even measured in weeks) is concerning.
From our perspective we can suspend accounts from accessing people on our instance, but the only real "tool" we have for an instance with a bunch of bots is defederation.
@krisnelson @AnnemarieBridy @law
My understanding is it would be entirely effective. I don't know if people referring to "defederating" are speaking only of suspending, or if they were including limiting.
I was personally referring to limiting.
Thanks for all the above and below. I hope you came across the post I made clarifying my initial statement to make clear I am not impugning anyone's efforts.
My tacit question remains, though, do you think moderation to where those kinds of spam attacks don't happen to begin with is possible with an instance of m .social's size?
Well it can be solved from an origination standpoint at a small size. Imagine an instance of 1 with closed signups. Scale that up slowly only insofar as you can continue to closely monitor and approve each new signup. Voila.
If you then treated federation as a default opt-out situation, you could mimic the same process there. Each new instance you federate with would be considered and only on the strength of their moderation.
@renchap @andrew You did great. I (co-moderating a large infosec instance) saw the spam attack as it started and immediately went to work identifying a suitable query where I could mass-suspend the accounts. When I had done that I realized that the attack was ongoing and the instance kept seeing new accounts as I refreshed. After just a few minutes the new accounts stopped appearing at which point I knew you had cut them off.
All in all we got ~10 reports or so at the time and some time after when people saw the messages.
I know of _no_ centralized service able to react this quickly.
/ex global Head of commercial SaaS
edit: removed an automatic re-boost tag. Sorry, it came with the thread and I didn't understand what it was.
@renchap @andrew @law
Naïve question: Since posts can be edited and deleted by their authors, wouldn’t it be possible to also retroactively block/delete earlier SPAM posts?
This way you could clean them out of the timeline.
(To address possible abuse by moderators, may want to typically limit rollbacks to certain amount of time, or something.)
When a local account gets suspended, remote servers that have followers or who have reported the account get notified. But in cases like today's spam wave, the suspended users typically have no fol...
Another useful link vis a vis moving: https://fedi.tips/transferring-your-mastodon-account-to-another-server/
Moving followers and such is a cinch, your toots stay behind though unfortunately.
Andrew Leahey
Annemarie Bridy
@krisnelson
SoFla Admin
Renaud Chaput
zeruch
Troed Sångberg
M.rauder
Jude
T. Austin Brown
BentiGorlich