Lately we have been dealing with a few abusive members from Feddit.nl and we were unable to get in touch with the instance administrator.

Part of the problem is the instance’s open registrations which do not require you to enter an e-mail address during signup. This in combination with an inactive admin is a recipe for abuse.

We hope this is only temporary but we have to do this to protect our users.

Edit: we use fediseer, have a look https://gui.fediseer.com/instances/detail/lemmy.world

Edit 2: We got in touch with the Feddit.nl admin. Email requirements were added to the sign-up process and we’re setting up a communication channel. So that means we are federating with Feddit.nl again!

      • Quacksalber@sh.itjust.works
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Nope, in order to not overload lemmy servers, the lemmy software does not federate pre-(re)federation content. That is one reason why I find it a bit ridiculous to wield the biggest stick you have, defederation, so freely.

        • antik@lemmy.world@feddit.nl
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          1 year ago

          I think in the case of an instance being spammed with csa material we are allowed to use all the sticks at our disposal - and in this case it was actually the only stick we had. And once we got in touch with TedVDB we refederated.

          He’s now also in the chat room where most Lemmy instance admins hang out. I’d say that’s a positive for everyone in the end.

  • PrinceHabib72@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Stuff like this is going to kill the momentum of the fediverse. I’m a reddit refugee, my main account started on vlemmy.net (because it had a policy to not defederate from anything), and when that went poof, I moved to feddit.nl (because it has a policy to not defederate from anything). I believe it is MY prerogative, and no one else’s, to decide what I am or am not allowed to see. I curate my own feed by blocking or subscribing to instances I don’t or do want to see, respectively.

    Regardless of any of this, however, I am now unable to view any content on .world without this account, due to actions entirely outside of my control. Since hosting my own instance is out of the question for me, my options are: find a third instance with a no-defederation policy that hasn’t been defederated itself from major instances, have multiple accounts and browse each instance individually, stop browsing altogether, or go back to reddit. As distasteful as the last option is, it’s tempting. I know the impulse will be to tell me “good riddance”, but I am posting this because I know there are others like me that are tired of instance hopping and trying to find somewhere that doesn’t try to police our browsing and also isn’t defederated from major instances.

    For the record, I don’t want a no-defederation instance because I want to browse Nazi or pedo instances. I want a no-defederation instance because I have a principled objection to others telling me what I can or cannot view.

  • BitingChaos@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Part of the problem is the instance’s open registrations which do not require you to enter an e-mail address during signup.

    How is this even a thing? Why would the Lemmy software even allow operation like this?

    • SpliceVW@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Let’s be real - an email address doesn’t really stop much of anything. Anyone can really easily spin up new email addresses freely.

      • CoderKat@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Sadly yeah. We absolutely should use email signup because it filters our the absolute lowest effort bots, but it does nothing against higher quality bots or humans. Not only can you easily spin up new emails on the fly, but many emails allow ways to make the email appear unique (eg, Gmail ignores dots and anything after the + sign), there’s plenty of temporary email services with a variety of domains, and if you own a domain, you can trivially create unlimited emails until they catch on and ban the entire domain.

        Inactive admins are also an issue, but if malicious users are determined enough, it doesn’t matter that much how active an admin is. An active admin can mostly help by making IP banning an option (imperfect, but will work on many humans) and can temporarily turn on approvals to make it easier to weed out low hanging fruit. Nothing will work against someone determined enough, but could at least reduce how many instances they can turn to.

        • itsdavetho@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Personally I don’t think anything will stop anyone determined to bring this type of harm to the community, there’s an endless list of workarounds. These communities need a larger network of moderators across timezones

          • sab@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Nope, but it will stop the less determined ones.

            With no email verification, you can pretty much create dozens of fake accounts per second - as fast as the API can handle.

      • Antik 👾@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Sure. But we changed our sign-up policy recently. Users are now informed during sign-up that temporary email accounts are banned.

        We have another announcement regarding this soon.

        • ttmrichter@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          How do you define a “temporary email account”?

          I’m reminded of old games that insisted you couldn’t sign up with an email provider and had to use an ISP email … which kinda screwed over the literally BILLIONS of people whose ISPs don’t give email addresses…

      • Corkyskog@sh.itjust.works
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        Yeah I still don’t have an email associated with my reddit account. Which shocks people… although I haven’t logged on in months, so maybe it’s now required for legacy accounts

        • MakeItCount@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          it’s not required globally but some subs require it to be able to post

          So far only /r/formula1 does for me

    • cley_faye@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Because anyone running it can decide to do it this way. That’s how code works; you can edit it. Even if the option wasn’t there, if any instance admin wants that to happen it’s easy to do.