Please. Captcha by default. Email domain filters. Auto-block federation from servers that don't respect. By default. Urgent.
And yes, to refute some comments, this publication is being upvoted by bots. A single computer was needed, not "thousands of dollars" spent.
/
This right here.
Op, if you’re not ready to moderate, don’t spin up your own server or do your own private instance. If you’re going to moderate, do it properly and don’t spew bad ideas while hiding behind a dumb “alert” throwaway.
To be honest, I'm surprised that that username was allowed (or not reserved). It seems like it would introduce a risk where people could pose as Lemmy developers or something along those lines.
Lemmy is very “open” right now; some might say by design, other might say flawed. OP is maybe coming from a good place and actually wants to help, but instead of doing it tactfully, OP is becoming the exact thing they’re advocating against — a spammer posting garbage.
Meh, at least it's driving engagement. There's going to be friction for the time being as people are all mixed together into these communities. I'm sure plenty of casuals were engaged by this post, as it has over 1k upvotes.
But yeah I didn't even notice his username is alert. I'm still on high alert for Reddit shills trying to destabilize this platform, though. Just say the word and I'll come over and verbally defenestrate any shill that might appear.
I'm not really enthusiastic about email filters either, from a privacy standpoint. Plenty of companies that go harvest email addresses to link identities to activity.
If the CAPTCHA can't handle it, then it ain't doing its job.
I believe you can literally just add a . To the end of your own gmail and it will go to yours. Ie hello.1@gmail.com will go to hello@gmail.com.
Actually, hello.1@gmail will go to hello1@gmail.
The one you are thinking I believe is hello+1@gmail will go to hello@gmail
Correct, Gmail essentially doesn't "see" dots hello@gmail is the same as h.e.l.l.o@gmail
hello+anything@gmail will also be delivered to hello@gmail. This is great for signing up for mailing lists or subscriptions then creating a filter afterwards to do with it what you please.
There's one exception to that. If you originally created the email address with a dot in it, as in, signed up for gmail as "hello.2@gmail.com," it's treated as a literal character in the username portion and is required.
maybe in the past, but i did that a few years ago and switch between the dot and not
Yeah, it had to have changed at some point then. It used to be required that you use the dot if you registered it with the dot.
It’s still not required in this case…
This particular quirk can be easily accounted for tbqh.
Ahh, yea that's right. Regardless, just all the more reason that it's kind of silly to do what OP is talking about. Sure, you could filter out the + signs as well but overall it's a pretty pointless implementation.
Those would be separate. You’re thinking of +.
Dots have the effect of being ignored, so h.ello@gmail.com == hello@gmail.com
No, you've (maybe) limited your singular solitary instance's growth: your instance is not "Lemmy" and admins should do whatever they find works for them, is something they can easily enforce, and resolves the problem.
If you want to geoip limit signups to Skokie, Illinois? Great! If it works for you and keeps your instance from being The Problem, then it's a valid solution.
(I don't disagree that email domain blocks are not a singular solution to any abuse problem, but I also think that whatever works for the individual admin is perfectly reasonable, and email blocks CAN be worthwhile.)
BTW, it might be more inclusive language to use “allow list” and “block list”
I can't imagine being so obsessed with race politics as to think that purely technical terms like "white list" and "black list", which have never had any connection to race relations whatsoever, are somehow non-inclusive.
I can't either. "Allow" and "block" has always made more sense to me, though, so I wouldn't mind the change.
With all due respect, it’s from NIST’s guidance