Email or username:

Password:

Forgot your password?
dansup's posts Post Back to profile
dansup

I'm aware of a certain Pixelfed instance being targeted by spammers and used to deliver spam to accounts across the fediverse.

The same thing happened with Lemmy last summer, and was caused by a dangerous config cocktail:

- Open Registrations

- No email verification

- Less active moderation (waiting to get reports rather than finding this from paying closer attention)

There are some things I can improve in Pixelfed, but these 3 are dangerous when used together!

1 February at 19:20 | Open on mastodon.social
7 comments
Qazm

@dansup Do you currently show a warning when those two options are set together?

1 February at 20:24 | Open on tiggi.es
DELETED

@dansup @pixelfed you’re doing great work on this instance stuff Dan. Any news on the iOS app, TestFlight has 30 days till builds run out, so is the app now submitted to App Store ? Keep up the great work, you get my support all the time

1 February at 20:41 | Open on mastomo.online
sfunk1x

@dansup Is there a legitimate use case to allowing open signups AND no email verification as a configuration combination?

1 February at 20:46 | Open on tusk.sfunk1x.com
David Fleetwood - RG Admin

@dansup You just need to code up some better admins and federate them!

1 February at 21:35 | Open on retrogaming.social
Alison Meeks

@dansup On what day is no email verification a good idea?

1 February at 22:43 | Open on mastodon.online
Colto Fox :colto_owo:

Hi @dansup, as a preventative measure I noticed the feature below was announced.

mastodon.social/@pixelfed/1117

But how do we enable it?

2 February at 0:02 | Open on red.fox.yt
SpaceLifeForm

@dansup

BoostBot Farms R US. That is what will happen.

Yes, you can defederate, but in the meantime, you still get to play whack-a-mole.

2 February at 0:38 | Open on infosec.exchange
Go Up