Er operiert soweit ich es gesehen habe unter email@example.com und firstname.lastname@example.org und bringt Euch Spam in Eure Kommentare. Am besten gleich blockieren damit sich die Seuche nicht ausbreitet. Und wenn Ihr einen eigenen Server betreibt gleich auf dieser Ebene sperren.
Fragen wir doch erstmal den podmin, ob er den Spammer wegschiessen kann. Mein Französisch ist müll, ich versuch's mal auf englisch..
Hi @Tursiops could you help us with a spammer abusing your pod for spamming? He pisses off people a bit by commenting without any relation to threads but with porn pictures etc. and uses the following accounts: email@example.com firstname.lastname@example.org email@example.com firstname.lastname@example.org email@example.com
@Tursiops thanks for the quick reaction and answer, appreciated! :) My idea would be to just delete the accounts in question and see if this solves the problem. In addition you could set an IP address (range) ban for the respective person, if your server config is capable of doing so - they will eventually lose their patience and stop the spamming. If they use scripts to create the accounts you could add a captcha script for your account creation page to block those.
GUIDs and a ranking system for users and blocks if their spam score becomes negative would be technically possible I guess but this would somehow counteract the key ideas behind D*. Maybe an internal pod GUID not visible for any end users would be feasible? But I guess this would lead to the same problem. And central anti spam solutions would counteract the decentral character of D* . Hm..
Blocking should, initially be as easy as blocking spam mail. I once worked on a piece of software, together with others, that would track down an e-mail to the first unknown sending pc/server. That might be a good idea for the federation too.
The only thing I am currently unaware of is how activity pub and diaspora, next to the others, are sending items. Is there any record of the sending server?
Ok, here is one way to maybe look at the matter. When messages are send they could normally be seen as valid since it takes people to login. New servers might be under a looking glass since other servers do not know what they are up to but this brings no other option then a potential block for the complete server.
Messages/Posts should have an id that links them to a specific ip address imho. That way one would be able to put a score on that identifier. If a lot of valid posts come from that identifier a spammer would be able to send messages. If the percentage of complaints rise then the ip address could be blocked for a specific time of seconds. If it often happens then the specific time should increase.
We thought about this in the development of spamikaze. Spammers even where able to delist themselves