spamfighting for mastodon #60

Open
opened 2023-05-14 19:13:46 +00:00 by kouhai · 0 comments

spamcar; or: towards a spamfighting sidecar (& patchset) for mastodon

now with 30% less sodium!

right now there's a giant wave of spam from m.s. this is not ideal. we need antispam to fight this.

idea:

  • add a hook on:

    • account processing
    • apub Create processing
    • apub Announce processing
  • in this hook, if spamcar is configured, check Spamcar's data store (postgres? redis? this needs persistence, regardless) for an author suspicion level (allow/unknown/quarantine/block), and act accordingly.

    • the mastodon DistributionWorker, which processes notifications/etc, will be called at a delay, instead of instantly, for unknown / quarantined accounts.
      • this will probably have
    • in the meantime, we'll process the proposed status
      • call the spamcar service with some features, and trigger an updated evaluation with this new information
    • if processing hasn't completed within the delay interval, fail open. sucks, but deliverability's important!
  • transitioning to quarantine automatically generates a non-notifying report


todo: figure out how to federate some of these among trusted servers. activitypub!

### spamcar; or: towards a spamfighting sidecar (& patchset) for mastodon *now with 30% less sodium!* right now there's a giant wave of spam from m.s. this is not ideal. we need antispam to fight this. idea: - add a hook on: - account processing - apub Create processing - apub Announce processing - in this hook, if spamcar is configured, check Spamcar's data store (postgres? redis? this needs persistence, regardless) for an author suspicion level (allow/unknown/quarantine/block), and act accordingly. - the mastodon DistributionWorker, which processes notifications/etc, will be called at a delay, instead of instantly, for unknown / quarantined accounts. - this will probably have - in the meantime, we'll process the proposed status - call the spamcar service with some features, and trigger an updated evaluation with this new information - if processing hasn't completed within the delay interval, fail open. sucks, but deliverability's important! - transitioning to quarantine automatically generates a non-notifying report --- todo: figure out how to federate some of these among trusted servers. activitypub!
Sign in to join this conversation.
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: treehouse/mastodon#60
There is no content yet.