@Gargron We've already had to limit over 50 domains and it looks like some instances are created only for the purpose of this attack. This exposes a vulnerability of Mastodon in that admins have no way to prevent incoming spam other than after the fact.

So if you know of any tool or option that would enable receiving instances to keep this in check, please let us know.