Lately we have been dealing with a few abusive members from Feddit.nl and we were unable to get in touch with the instance administrator.
Part of the problem is the instance’s open registrations which do not require you to enter an e-mail address during signup. This in combination with an inactive admin is a recipe for abuse.
We hope this is only temporary but we have to do this to protect our users.
Edit: we use fediseer, have a look https://gui.fediseer.com/instances/detail/lemmy.world
Edit 2: We got in touch with the Feddit.nl admin. Email requirements were added to the sign-up process and we’re setting up a communication channel. So that means we are federating with Feddit.nl again!
Part of the problem is the instance’s open registrations which do not require you to enter an e-mail address during signup.
How is this even a thing? Why would the Lemmy software even allow operation like this?
In case anyone’s wondering, you can use the old.reddit.com interface to sign up without an email.
I only ever used old.reddit.com. Didn’t realize that option was limited to to the old interface
Let’s be real - an email address doesn’t really stop much of anything. Anyone can really easily spin up new email addresses freely.
Yeah I still don’t have an email associated with my reddit account. Which shocks people… although I haven’t logged on in months, so maybe it’s now required for legacy accounts
Hah, I replied higher up in the comments that when I signed up for reddit, I also didn’t need an email address and I think that particular one never required setting one
Newer accounts definitely did and I used different emails for those accounts
Sadly yeah. We absolutely should use email signup because it filters our the absolute lowest effort bots, but it does nothing against higher quality bots or humans. Not only can you easily spin up new emails on the fly, but many emails allow ways to make the email appear unique (eg, Gmail ignores dots and anything after the + sign), there’s plenty of temporary email services with a variety of domains, and if you own a domain, you can trivially create unlimited emails until they catch on and ban the entire domain.
Inactive admins are also an issue, but if malicious users are determined enough, it doesn’t matter that much how active an admin is. An active admin can mostly help by making IP banning an option (imperfect, but will work on many humans) and can temporarily turn on approvals to make it easier to weed out low hanging fruit. Nothing will work against someone determined enough, but could at least reduce how many instances they can turn to.
Personally I don’t think anything will stop anyone determined to bring this type of harm to the community, there’s an endless list of workarounds. These communities need a larger network of moderators across timezones
Sure. But we changed our sign-up policy recently. Users are now informed during sign-up that temporary email accounts are banned.
We have another announcement regarding this soon.
Back when I signed up for reddit, you didn’t need an email and they warned you if you lost your password you’d be locked out of your account until you regained it and they would not offer support to reset it
I liked that. I don’t want to have to submit my email for everything just to interact
One of the reasons I have my own email domain and random email addresses for certain services.
Managing this for a large amount of services is a huge overhead for me. I use Sub-addressing and then apply filters based on categories.
Catch all? I love it so damn much since I got it. Bitwarden added it on the fly and now I got disposable email addresses for anything I can think of, it’s so, so perfect!
