this post was submitted on 19 Jun 2023
17 points (94.7% liked)

Lemmy.World Announcements

30334 readers
6 users here now

This Community is intended for posts about the Lemmy.world server by the admins.

Follow us for server news 🐘

Outages πŸ”₯

https://status.lemmy.world/

For support with issues at Lemmy.world, go to the Lemmy.world Support community.

Support e-mail

Any support requests are best sent to info@lemmy.world e-mail.

Report contact

Donations πŸ’—

If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.

If you can, please use / switch to Ko-Fi, it has the lowest fees for us

Ko-Fi (Donate)

Bunq (Donate)

Open Collective backers and sponsors

Patreon

Join the team

founded 2 years ago
MODERATORS
 

So some spam signups just happened (all username12345678@gmail.com format e-mail) This caused bounced mail to increase, causing Mailgun to block our domain to prevent it getting blacklisted.

So:

  • Mail temporarily doesn't work
  • I closed signups for now
  • I will ban the spam accounts
  • I will check how to prevent (maybe approval required again?)

Stay tuned.

Edit: so apparently there is a captcha option which I now enabled. Let's see if this prevents spam. Registrations open again.

Edit2 : Hmm Mailgun isn't that fast in unblocking the domain. Closing signups again because validation mails aren't sent

Edit 3: I convinced Mailgun to lift the block. Signups open again.

top 22 comments
sorted by: hot top controversial new old
[–] AlmightySnoo@lemmy.world 4 points 2 years ago (1 children)

How about adding a captcha? I was surprised there was none when I signed up.

[–] ruud@lemmy.world 2 points 2 years ago

Yes the devs should do that. We're currently discussing the the Lemmy matrix chat.

[–] EvilMonkeySlayer@kbin.social 2 points 2 years ago (1 children)

User on kbin here, just tried to sign up to lemmy.world.. looks like everything crashed and burned when tried to sign up there.

[–] minimar@lemmy.world 1 points 2 years ago

It was you all along!

[–] ghariksforge@lemmy.world 2 points 2 years ago (1 children)

I love how transparent you are with the management of this instance. Kudos!

[–] phil299@lemmy.world 2 points 2 years ago

This, Refreshing πŸ˜€πŸ‘

[–] lemmy@endlesstalk.org 2 points 2 years ago

I ran into the issue on my instance as well, but checking the Captcha option in admin settings, stopped the signups for me.

[–] Sorenchu@lemmy.world 2 points 2 years ago

Sounds frustrating. Thanks for doing what you do and letting us join your server! Hope the captcha works out.

[–] chaosppe@lemmy.world 1 points 2 years ago (1 children)

Becareful with this. There's a clear trend of massive amount of bot accounts flooding lemmy as a whole

[–] lwuy9v5@lemmy.world 0 points 2 years ago* (last edited 2 years ago) (1 children)

Becareful with this. There’s a clear trend of massive amount of bot accounts flooding lemmy as a whole

I am not sure there's anything in that that denotes "massive amount of bot accounts". Seems more like "a lot more people made lemmy accounts than stuck around" which is unsurprising.

Why would a bot account show up in one of your graphs and not the other?

[–] gyro@lemmy.world 0 points 2 years ago* (last edited 2 years ago) (1 children)

they're waiting to use the bots when the community is large, over a long period of time. This way it'd be hard to detect the bots.

[–] lwuy9v5@lemmy.world 1 points 2 years ago

I take my comment back, you are totally right. There are a few ghost town instances with 80k users. Super obvious if you look at the active users vs users, or users vs comments. My bad -_-

[–] halo5@lemmy.world 1 points 2 years ago

I've run into this issue with some of my servers in the past and it's a real PITA to deal with because not only do you have to mitigate the issue, but then you have to make requests to get de-blacklisted, etc. I finally got sick of it all and installed a Barracuda spam firewall in front of the mail server. I have MUCH easier control over IMAP/SMTP now.

[–] And009@vlemmy.net 0 points 2 years ago

Maybe ask users with no activity or suspected activity to verify again. But how do you do that without email?

[–] Limeey@lemmy.world 0 points 2 years ago (2 children)

FYI 18.0 does not have captcha according to release notes. May want to delay upgrade until 18.1? Or institute a stricter signup like requiring email verification? just wanted to mention it

[–] ruud@lemmy.world 2 points 2 years ago

Yes, we'll wait for 0.18.1.

[–] ruud@lemmy.world 1 points 2 years ago

Yeah we use e-mail verification, but the problem was that the spam signups used fake gmail addresses resulting in the mail domain to get blocked. So we'll wait until 0.18.1

[–] CosmicSploogeDrizzle@lemmy.world 0 points 2 years ago (1 children)

Is there a growth target for the community? I see that Lemmy.world is almost equal in size to lemmy.ml. Will this instance remain open indefinitely?

[–] ruud@lemmy.world 1 points 2 years ago

No target. I will keep this open as long as it's possible. It's up to others to start as many Lemmy instances as possible, and the Lemmy devs to create a better join-lemmy with a rotating 'recommended server' preferring smaller instances. But that's difficult. Because you also don't want 1000 users to land on someone's Raspberry Pi instance without backup which they can just stop if they get bored of it. Same issue goes for Mastodon as well... but that's being worked on.

[–] rastilin@kbin.social 0 points 2 years ago (1 children)

Last time a website I was managing was bombarded with spam signups, I set up a regular expression to check for the incredibly distinctive format the spammers were using... then it reports success but doesn't actually create the account or send an email. Spam problem over.

[–] AtomicPurple@kbin.social 1 points 2 years ago

Very clever, only problem is it's not a general solution.

[–] RandAlThor@lemmy.ca -4 points 2 years ago

I am from Lemmy Canada. I have noticed that when I come to a community hosted on Lemmy World I am often signed out. Do I need to sign up here to participate?