cross-posted from: https://lemmy.dbzer0.com/post/123857

This is my current attempt at preparing to counter the spam waves that will be appearing as the fediverse becomes more and more popular.

It involves the creation of whitelists based on a chain of trust between instances with easy ways to add and remove into it with few overheads.

Let me know what you think and if you’re interested, please do register your instance at https://overctrl.dbzer0.com.

  • Samuel ProulxA
    link
    fedilink
    English
    arrow-up
    5
    ·
    2 years ago

    So require paid ssl certificates or something. I just can’t sign on to any system that requires me to establish personal friendships with other instance admins so I can beg them for endorsements. Begging Reddit to improve accessibility didn’t work. I have no interest in a system where my instance now needs to beg other admins for the right to federate. Even email doesn’t work this way.

    • owls@community.yshi.org
      link
      fedilink
      arrow-up
      3
      ·
      2 years ago

      Email does rely on IP reputation as a major component in deciding if something is spam. The system has matured to a point where it works fairly well and transparently … but the consequence has been you can’t reliably send from an IP block unless somebody is very actively handling abuse and working with the reputation services to keep their IP space in the internet’s good graces.

      But: I wouldn’t want to allowlist based just on one reputation service. I’ve got some ideas on how to handle spam for my instances involving a few different datapoints. This could be useful as one, if it ends up with enough data.

      • Samuel ProulxA
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        The difference is, if I don’t want to handle those things myself, I can pay a bunch of other services to handle it for me. In this system, I’m entirely dependant on the good graces of other admins to add me into the web of trust. They might decide not to, for any, or no, reason. What this results in is a few big and well-connected instance owners who can federate, and nobody else ever can.

    • interolivary@beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      So instead of having to “beg for endorsements” you’d rather have to pay to set up a FOSS server?

      • Samuel ProulxA
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Yes. I already have to pay for a VPS, for a domain…nothing wrong with paying for an SSL cert. At least I can pick my vendor.

        • rs5th@beehaw.orgM
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          1 year ago

          I’m not sure how’d you accomplish this without requiring an EV cert, which is expensive and time-consuming to get, right? I guess manually maintaining a list of free CAs like Let’s Encrypt? Idk, I’d never pay for a cert I’d have to manually update where my LE certs are all automatic.

          • Samuel ProulxA
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I wouldn’t love paying for a certificate, but I’d love it more than being at the mercy of a group of powerful admins to be permitted to ever federate with anyone.