As you can see, there is a massive spam wave going on on Lemmey based instances.
This can be avoided by enabling CAPTCHA with signup and also LIMIT the registers
per X seconds! Currently the accounts are idle but this can change soon… Please
take action NOW!
Stux from geddit.social think that the massive recent wave of ~100k new Lemmy accounts is likely mostly spammers. Captchas suck, but are they better than the alternative?
Great! Have you also commented on it? Have others here who are reading this and also concerned about this issue commenting on it?
Right now I think the Devs need to see how much impact they're creating here and with how little people are weighing in, I really don't think they're fully understanding the implications.
Just because an issue exists means NOTHING. It's a ticket, a work item, something that could choose to be discarded.
Additionally, just because the issue exists makes no guarantee that we'll retain Captcha functionality in v0.18.
It's always been up to instance admins to decide for themselves between the tradeoff of creating manual signup friction in order to reduce spam, or remove it in order to quickly scale for more users. This might remove a tool for now, but I think more tools will be added as alternatives.
You joke, but I wouldn't be opposed. Would make it hard to sign up for a non-local instance though.
But then, I'm also the guy who just spent 11 years on reddit with his real name. So clearly privacy has never been my deciding factor when choosing a social network.
Looking at the snap below, I'm getting worried about the integrity of this and other instances if all of these accounts start posting. There are many more like these. I counted at least 30 of them. For example if all of them try to post a 1MB image to a community in this instance. 💀
If there's no protection against the above scenario, preemptive defederation might be warranted. Maybe even with a public post on here that lists the defederated instances, where any owners of mistakenly swatted instances can appeal.
yeah, I think I might preemptively block them. a different admin has been trying to contact them to get them aware, and had a list of some that had deleted the accounts and implemented captchas or whatever.