Honestly, whoever has an idea for a spam detection measure for Mastodon, and by that I do mean an implementation, get in touch with me, I'll pay for it.

I've been thinking about solutions for the past few days but the more I think about them the more they appear pointless.


Defining an account as suspicious when it has no local followers can be circumvented by just pre-following them, using account age can be circumvented with sleeper accounts, blacklisting URLs does nothing when the spam does not include URLs, checking for duplicate messages sent to different recipients can be circumvented by randomizing parts of the message...


@angristan @Gargron ineffective as spammers are spinning up their own instances

@brunoph Spam-friendly instances are actually easy and cheap to detect and block.

A small number of spammers on larger, and poorly-administered, instances is far worse.

The collateral damage of instance-level countermeasures is high. And policing a large number of NEW user signups (and monitoring for sleepers and reputation harvesting) is expensive.

@angristan @Gargron

Sign in to participate in the conversation

Everyone is welcome as long as you follow our code of conduct! Thank you. Mastodon.cloud is maintained by Sujitech, LLC.