I think the best solution are federating ip bans and maybe mass registration prevention.
The idea would be to note your ip in the account which then gets federated and if this ip registers a third account, it gets blocked. (Two might be a changing ip or a lost password)
IP bans are not very useful considering that almost nobody has a static IP these days.
CGNAT IP addresses change frequently and can be shared by over 100 users. I find it very annoying to have to connect to a VPN until my IP changes because someone else got the IP I’m using banned.
Browser fingerprinting would be a better way of detecting ban evaders.
They‘re useful for a very short amount of time and add frustration for the spammer but yes, the downsides are large as well.
If a person knows how to change their ip after being banned, they probably dont use a normal browser either, dont you think? Or have I missed something about browser fingerprinting? You can post to lemmy over an api, right?
deleted by creator
Manual approvals aren’t scalable
Sometimes, that’s a good thing. Not every instance wants hundreds of thousands of users.
CC BY-NC-SA 4.0
deleted by creator
I think the best solution are federating ip bans and maybe mass registration prevention.
The idea would be to note your ip in the account which then gets federated and if this ip registers a third account, it gets blocked. (Two might be a changing ip or a lost password)
IP bans are not very useful considering that almost nobody has a static IP these days.
CGNAT IP addresses change frequently and can be shared by over 100 users. I find it very annoying to have to connect to a VPN until my IP changes because someone else got the IP I’m using banned.
Browser fingerprinting would be a better way of detecting ban evaders.
They‘re useful for a very short amount of time and add frustration for the spammer but yes, the downsides are large as well.
If a person knows how to change their ip after being banned, they probably dont use a normal browser either, dont you think? Or have I missed something about browser fingerprinting? You can post to lemmy over an api, right?
deleted by creator