this post was submitted on 21 Feb 2025
12 points (75.0% liked)

Ask Lemmy


My understanding of federation is that it's like email. If one server is misbehaving, then they get defederated.

So how come email spam still exists - why don't spammer domains get defederated? It seems like we've got the worst of both worlds, where it's hard to get your emails relayed when you run a small email server, and easy to get them relayed if you're a spammer.

Is there anything about Lemmy's architecture that will prevent this problem?

top 8 comments
[–] [email protected] 31 points 21 hours ago (1 children)

Most Esteemed and Honorable Sir/Madam,

What a good post I write to you in great distress, for I am Prince Oluwafemi of the Most Federated Kingdom of Lemmy. My federation has been defederated most unjustly, and I am in dire need of your assistance to restore my rightful place among the shitposters.

To do this I just need you to visit the charity setup by my people so they can track your donation and return the internet points once I am back in my rightful place www.justputyourcarddetailsin.edu

[–] [email protected] 3 points 12 hours ago

I kind of wanted that address to exist...

[–] [email protected] 2 points 12 hours ago* (last edited 12 hours ago)

> So how come email spam still exists

We were really naive back when email was invented.

> Is there anything about Lemmy's architecture that will prevent this problem?

While Lemmy versions maintain some backwards compatibility, Lemmy is designed to move forward, and allow incremental security improvements. And it is possible to apply significant security updates to individual servers without losing access to the out of date ones.

Email really doesn't have an equivalent way to improve security, incrementally, without dropping large legitimate parts of the network.

DMARC and DKIM are finally making progress for email security - by dropping large legitimate parts of the network.

[–] [email protected] 10 points 21 hours ago

I know the best way to prevent spam. Well, specifically I know someone who does. He happens to be the leading expert in spam mitigation. In fact, he's so good, he was arrested for it, and his history purged from the net. I would give you a name, but that would only make his treatment in prison even worse.

Thankfully, I have a few connections that I can use to free him. He's currently being held in a remote Russian prison, but the guards are corrupt. For a mere $10k USD or so, I can free him. Please direct donations to Bitcoin address xjejksoej28sj77.

[–] [email protected] 11 points 21 hours ago

> If one server is misbehaving, then they get defederated.

If the instance the spam is originating from is nothing but spam, yeah. Most instances only defederate from another as a last resort and/or if the offending instance is a total lost cause or dedicated to spam/trolling/etc.

> Is there anything about Lemmy's architecture that will prevent this problem?

Yes. Applications for new registrations assuming admins can be arsed to turn them on. It won't 100% prevent it, but it will reduce it by probably 90%.

Most spam on Lemmy comes from instances with open registration (ones that do not require an application). Lemdro.id is probably the biggest offender and pain in my side. Email verification and CAPTCHAs are not effective barriers. They may slow down spam signups, but do absolutely nothing to stop them.

Instances that have 24/7 admin coverage do okay with allowing open signups (again, without application approval) and keeping spam to a minimum; some still slip through, but they're usually quickly dealt with due to having an admin available 24/7. Instances with round-the-clock admin availability are rare, though.

Instances without 24/7 admin coverage (roughly 99% of them) should, IMO, NOT have open signups and require applications. Some spam may get through, but the admins can at least have eyes on new registrations.

[–] [email protected] 9 points 21 hours ago

They do get 'defederated'... by way of automated block lists by domain and IP... but the issue is SMTP, due to age, is trivially easy to set up on new domains/IPs, as well as DNS and relay tricks to obfuscate the true source.
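
The domain and IP block lists mentioned in the comment above are commonly published as DNS zones that a receiving mail server queries for each connection. The following is an added example, not part of the thread, showing how those lookups are formed and interpreted. The zone name `dnsbl.example`, every listed entry, and the in-memory resolver are constructed so the code runs offline.

```python
import ipaddress

# Constructed stand-in for a blocklist's DNS zone: query name -> A record.
# "dnsbl.example" and every entry here are made up for this example.
ZONE = "dnsbl.example"
CONSTRUCTED_ZONE_DATA = {
    "7.113.0.203.dnsbl.example": "127.0.0.2",
    "spam-sender.example.dnsbl.example": "127.0.0.2",
}


def ip_query_name(ip: str, zone: str = ZONE) -> str:
    """Build the DNSBL query name for an IPv4 or IPv6 address.

    IPv4 octets are reversed; IPv6 is expanded to 32 hex nibbles and
    reversed, the same layout used for reverse DNS.
    """
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")[::-1]
    else:
        labels = list(addr.exploded.replace(":", ""))[::-1]
    return ".".join(labels) + "." + zone


def domain_query_name(domain: str, zone: str = ZONE) -> str:
    """Domain lists are queried as <domain>.<zone>."""
    return domain.rstrip(".").lower() + "." + zone


def is_listed(query_name: str, resolver=CONSTRUCTED_ZONE_DATA.get) -> bool:
    """Listed means the name resolves to an address in 127.0.0.0/8.

    No answer (NXDOMAIN) means not listed. Anything outside 127/8 is not a
    listing and is ignored, so a hijacked or parked zone cannot block mail.
    """
    answer = resolver(query_name)
    if answer is None:
        return False
    return ipaddress.ip_address(answer) in ipaddress.ip_network("127.0.0.0/8")


def should_reject(client_ip: str, sender_domain: str) -> bool:
    """Reject at connection time if either the IP or the domain is listed."""
    return is_listed(ip_query_name(client_ip)) or is_listed(
        domain_query_name(sender_domain)
    )
```

A fresh address or newly registered domain has no entry in such a zone, so the lookup returns nothing until the list operator adds it.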

[–] [email protected] 8 points 20 hours ago (1 children)

It will be worse.

And Lemmy is not designed at all to handle spam.

[–] [email protected] 5 points 18 hours ago* (last edited 18 hours ago)

I used to use Kbin.social but eventually it started to get overrun by spam when the servers worked.