nindokag
Follow

Was talking about Mastodon with an old-school sysadmin guy. We reached the realization that defederating from instances with no/bad moderation is essentially the same thing as blocking open relays back when you ran your own email server: open relays always end up getting used for spam, you block 'em to protect your users.

Email was and still is the first federated social network, so it already faced a lot of the same problems; we should study its solutions (and its failures).

@nindokag ??? I mean, your house, your rules, but "No moderation" != spam. Seems more equivalent to like, autoblocking all incoming/outgoing http://cock.li emails. Theoretically, you can, but if I were on that email server I would feel pretty nanny'd.

@matilde @nindokag i have some interesting news for you regarding your gmail account

@nindokag Makes me wonder just how practical it is to have your own email server in these days of gmail and mailru. AFAIK it would get on spam/black lists pretty quickly and into white lists never, so good luck having your mail reach anyone.

@artlav @nindokag

Many people and companies still do. And gmail's unwillingness to play nicely with them because of their own short-sighted dictatorial policies is a major reason for people drifting away from gmail. In fact, I hear more about people leaving gmail for that reason, than for ideological reasons (granted the ideological people are loud).

@jankoekepan @artlav @nindokag I am now running my own email server (again, after being an email admin for half a decade.)

Obviously I'd suggest doing it ~in the cloud~ on a reserved IP with stable documented software, but the rest is just Normal Admin Stuff. Certainly doable and Gmail doesn't whine. (The key is DKIM+SPF+rdns and checking blacklists.)

@artlav @nindokag I have run my on email server with great success for over a year with little to no problems. I use mailinabox.email

@robert @artlav @nindokag I've been running mailinabox for a few years with no issues. The only domain I sometimes have delivery issues to is Hotmail and only one person I know still uses a Hotmail address - my mother-in-law.

@artlav @nindokag people selfhost email without major difficulties beyond the initial configuration and maintenance

@artlav I run my own, and have done so for 5 or so years. I had a problem once with one specific email server where my emails ended.up in the junk folder, but that was because I wasn't using an spf DNS record. Now it's fine.

@nindokag slashdot still has the best moderation system
@nindokag This is what I have been saying to people, as someone who has maintained mailservers for 15+ years.

@nindokag so what you're saying is: we've reinvented email

@es2600fm @nindokag

hey hey hey, there's history books listening. we invented microblogging. THEY'RE SUPER DIFFERENT and we have to pretend that forever

@es2600fm @nindokag myspace was email killer + music and spinning skull GIFs, facebook was email killer + farmville and racism

@nindokag Any good policies to follow that don't involve blanket rules? E.g. block a domain for 6 hrs if your server gets >X spam reports from its emails

@nindokag Yes, this is why the paper that I'm writing on anti-spam on the Fediverse with @cwebber references email and email anti-spam techniques a great deal.

@emacsen @nindokag Though I also think email misinformed a lot of the future approaches to come... I do think we can do better.

But we should certainly learn from it! :)

@cwebber @nindokag @emacsen Spamhaus is deeply problematic though and I hope we can avoid replicating systems like this. The early shared blocklists we had here were already a tiny step in that direction.

@ng0 @cwebber @nindokag

There is plenty to dislike about Spamhaus, and even worse Spamcop (do you remember them?).

I'd love to hear specifically what the issue you see with them is/was so we're on the same page.

@emacsen @nindokag @cwebber I'm not good at collecting my thoughts right now on this topic. For now: it seems -- only running Email servers for less than 10 years now -- that decisions are made intransparent at the expense of not being able to get off the lists easily if some arbitrary action got you on there. Administrators (seem to) rely on them as an ultimate, unquestionable authority.
I'm a bit fuzzy on the details, but my main issue is with unquestionable trusting one source of information (even if they do publish why a decision was made by them).

@ng0 @cwebber @nindokag

What I'm hearing is "Handing over ultimate authority on what you do and don't accept to a third party is a bad idea, especially if that third party acts as a black box."

If so, then yes, good point.

If I don't get it, maybe you can help me understand better in the future?

@ng0 @emacsen @nindokag and anything that would eventually converge on that would also be a bad idea :)

@emacsen
It also opens the system up to abuse--I don't recall the names but I'm thinking of the blacklists which require payment before they will remove you. Experience dealing with email blacklists is one of the reasons why I have always opposed Dzuk's list regardless of its usefulness; I would prefer if fedi didn't turn into that.
@ng0 @cwebber @nindokag

@hushpiper @ng0 @cwebber @nindokag

The best that we can do is offer other solutions, but we can't prevent such a thing from happening. Just in the discussion of anti-spam techniques, I've seen some very upset people who want explicit whitelists- who only want to federate with nodes they feel share the same values.

I think that would be a very bad thing for the Fediverse, but I can't stop such a thing from happening.

@emacsen I suppose some of the issue here may be with the assumption that every node will federate in a similar way, when actually there should probably be a diversity of types of communities, each using a different federation policy in lines with their needs.

Universal whitelisting and universal blacklisting both strike me as unhealthy, but smaller specialist or marginalized communities could work on a whitelist basis, while larger communities blacklist and others graylist (once that's an option) or don't moderate at all. Federation doesn't necessarily have the expectation email does, where every person should ideally be able to talk to every other person without exception. So long as there's a range of options available, perhaps that will mitigate the potential damage to the fediverse as a whole.

@ng0 @cwebber @nindokag

@hushpiper @ng0 @cwebber @nindokag

This is a very complicated situation, but let me give you an answer...

There may be some communities for whom it would be entirely appropriate to have a whitelist-only federation agreement. One example that comes to mind are sites that cater to children where any kind of inappropriate content would be entirely unacceptable. But those should be the minority because the real goal of federation is to interconnect.

(...)

@hushpiper @ng0 @cwebber @nindokag

The goal of a Fediverse is interconnection, and to me, the idea of a whitelist is as unacceptable as it would be for an email server to do so. I don't need pre-arangement with any existing email server, and requiring something like that would be a huge undertaking, blocking many smaller servers, and ultimately create a situation where only the large and powerful entities exist.

That would bring us back to centralization, which defeats the purpose.

(...)

@hushpiper @ng0 @cwebber @nindokag

What many on the Fediverse advocating for strong controls are forgetting is that under a strict controls, it's the underrepresented or oppressed who suffer just like they did under centralized systems.

Worse, they'll create islands again. Maybe there will be a social media site that serves your small community, but the power of the Fediverse is being able to reach across the isles and build bonds, build understanding and compassion.

(...)

@hushpiper @ng0 @cwebber @nindokag

Many of us came to the Fediverse seeking understanding and acceptance- basic human needs.

Understanding and acceptance goes both ways. We need to hear the base needs of others, including their pain, anger and fear. The way to address it is with love, acceptance and compassion.

In order to give love, acceptance and compassion across the boundaries of our communities, those communities must be able to communicate, and thus we need federation.

@emacsen @cwebber I think the way things need to end up is similar to the way spam ended up: strong reputation analysis, sufficient sensor base to stop drive-by abusers before they hit their hundredth new target server (i.e. servers should compare notes) and Bayesian filtering of content (only imagery? spammy/abusive words? bad behavior?)

The FB CIO said they approach it like counterinsurgency among a "good" populace and I think that's a great tactic.

@emacsen @hushpiper @ng0 @cwebber @nindokag

Users can block whole instances from showing in their feeds What about User Whitelists, were the user only sees posts explicitly from instances they whitelist

@nindokag @RobinHood But then you've got a bunch of bullshit older tech that can't understand clever email bits, so you re-create relays on your LAN because you value easy setup and know that absolutely none of your users will use it for spam because they don't know a single thing about any of the stuff the use that does the daily magic they all depend on. LOL.

@nindokag so @cjd made a presentation at 34c3 about BGP and the rule of custom and I think it exemplifies this very much (also he talks about the relationship with mastodon too at the end) media.ccc.de/v/34c3-9072-bgp_a

@nindokag

> Email was and still is the first federated social network

No it wasn't, not by a long shot. The concept has been in use since the very dawn of civilisations.

If you restrict your study to electronic communication you end up with a mountain of hidden variables. For a start: cost barriers.

Do yourself a favour and stop thinking of this if it was any sort of innovation.

@61 Did any of the ancient offline networks use techniques we could learn from, that you know of?

@nindokag we should also keep in mind that the ultimate solution email eventually reached was to centralize on half the planet using Gmail and make it an enormous pain in the ass for anyone who isn't a corporation to run their own email server without getting flagged as a potential spammer by gmail.

I think the ultimate lesson of email is that decentralized/federated networks just ... don't work, in the long term.

@SenorOblong @nindokag i think the ultimate lesson of email is don't give corporations an inch

there's corporate instances already on the fediverse and i'm still blocking them as they pop up

@nindokag
Honestly my reaction upon realizing that email was the first big example of federation was that we should not emulate email. Email ended up heavily centralized, and the prevalence of blacklists designed to block spam (or bad actors, in the case of fedi) was a big reason for that. Let's not do that here.

(For myself I would prefer a filtering system along the lines of Pleroma's MRF, which is one of the things that ultimately edged Gmail out over the competition.)

@nindokag
Two totally different scenarios. While I can loosely see the parallels it's an apples and oranges discussion. I would say it's more comparable to UUCP/ Fidonet groups back in the day of the BBS boom.

@GLove @nindokag Wow: that Fidonet reference takes me back. Ran an old bbs back in the day.

@nindokag
@Canageek
I find myself continually thinking about and promoting discussion around the Zot protocol since I just read about it a few days.
Would go a long way to solving two problems:
medium.com/we-distribute/got-z

@nindokag To be honest, I don't really see this analogy fit especially talking about "bad moderation". What does "bad moderation" mean? Do we have agreed-upon, acceptable standards and rules of what "good moderation" is? Who is entitled to come up with these? We should be able to answer this question *first* before we try to figure out how to technically enforce things. For e-mail and spam, these rules are pretty clear and had quite some years to become clear and agreeable for the most part.

@nindokag @phoe
>its solutions
make almost everyone use a solution from google? 🤔

Wow, people are making some really good points in the replies to this post. I haven't had a chance to read them all yet, but I want to read them and mull them over and then write some replies.

@nindokag This is exactly how I've been thinking about it, and I'm very curious what others think of the "mastodon like smtp" model of growth/adoption. I'm expecting RBLs, and more infrastructure to help admins track reports through the fedi.

I also think the "don't block instances, users can block people on their own" position is a joke. Can you imagine telling an email user to "just create a new filter rule to get rid of spam if its bothering you." Thats nuts.

Sign in to participate in the conversation
Refactor Camp

Mastodon instance for attendees of Refactor Camp, and members of various online/offline groups that have grown out of it. Related local groups with varying levels of activity exist in the Bay Area, New York, Chicago, and Austin.

Kinda/sorta sponsored by the Ribbonfarm Blogamatic Universe.

If you already know a few people in this neck of the woods, try and pick a handle they'll recognize when you sign up. Please note that the registration confirmation email may end up in your spam folder, so check there. It should come from administrator Zach Faddis.