Was talking about Mastodon with an old-school sysadmin guy. We reached the realization that defederating from instances with no/bad moderation is essentially the same thing as blocking open relays back when you ran your own email server: open relays always end up getting used for spam, you block 'em to protect your users.
Email was and still is the first federated social network, so it already faced a lot of the same problems; we should study its solutions (and its failures).
@nindokag Makes me wonder just how practical it is to have your own email server in these days of gmail and mailru. AFAIK it would get on spam/black lists pretty quickly and into white lists never, so good luck having your mail reach anyone.
Many people and companies still do. And gmail's unwillingness to play nicely with them because of their own short-sighted dictatorial policies is a major reason for people drifting away from gmail. In fact, I hear more about people leaving gmail for that reason, than for ideological reasons (granted the ideological people are loud).
Obviously I'd suggest doing it ~in the cloud~ on a reserved IP with stable documented software, but the rest is just Normal Admin Stuff. Certainly doable and Gmail doesn't whine. (The key is DKIM+SPF+rdns and checking blacklists.)
@artlav I run my own, and have done so for 5 or so years. I had a problem once with one specific email server where my emails ended.up in the junk folder, but that was because I wasn't using an spf DNS record. Now it's fine.
@nindokag so what you're saying is: we've reinvented email
@nindokag Any good policies to follow that don't involve blanket rules? E.g. block a domain for 6 hrs if your server gets >X spam reports from its emails
It also opens the system up to abuse--I don't recall the names but I'm thinking of the blacklists which require payment before they will remove you. Experience dealing with email blacklists is one of the reasons why I have always opposed Dzuk's list regardless of its usefulness; I would prefer if fedi didn't turn into that.
@ng0 @cwebber @nindokag
The best that we can do is offer other solutions, but we can't prevent such a thing from happening. Just in the discussion of anti-spam techniques, I've seen some very upset people who want explicit whitelists- who only want to federate with nodes they feel share the same values.
I think that would be a very bad thing for the Fediverse, but I can't stop such a thing from happening.
@emacsen I suppose some of the issue here may be with the assumption that every node will federate in a similar way, when actually there should probably be a diversity of types of communities, each using a different federation policy in lines with their needs.
Universal whitelisting and universal blacklisting both strike me as unhealthy, but smaller specialist or marginalized communities could work on a whitelist basis, while larger communities blacklist and others graylist (once that's an option) or don't moderate at all. Federation doesn't necessarily have the expectation email does, where every person should ideally be able to talk to every other person without exception. So long as there's a range of options available, perhaps that will mitigate the potential damage to the fediverse as a whole.
This is a very complicated situation, but let me give you an answer...
There may be some communities for whom it would be entirely appropriate to have a whitelist-only federation agreement. One example that comes to mind are sites that cater to children where any kind of inappropriate content would be entirely unacceptable. But those should be the minority because the real goal of federation is to interconnect.
The goal of a Fediverse is interconnection, and to me, the idea of a whitelist is as unacceptable as it would be for an email server to do so. I don't need pre-arangement with any existing email server, and requiring something like that would be a huge undertaking, blocking many smaller servers, and ultimately create a situation where only the large and powerful entities exist.
That would bring us back to centralization, which defeats the purpose.
What many on the Fediverse advocating for strong controls are forgetting is that under a strict controls, it's the underrepresented or oppressed who suffer just like they did under centralized systems.
Worse, they'll create islands again. Maybe there will be a social media site that serves your small community, but the power of the Fediverse is being able to reach across the isles and build bonds, build understanding and compassion.
Many of us came to the Fediverse seeking understanding and acceptance- basic human needs.
Understanding and acceptance goes both ways. We need to hear the base needs of others, including their pain, anger and fear. The way to address it is with love, acceptance and compassion.
In order to give love, acceptance and compassion across the boundaries of our communities, those communities must be able to communicate, and thus we need federation.
@emacsen @cwebber I think the way things need to end up is similar to the way spam ended up: strong reputation analysis, sufficient sensor base to stop drive-by abusers before they hit their hundredth new target server (i.e. servers should compare notes) and Bayesian filtering of content (only imagery? spammy/abusive words? bad behavior?)
The FB CIO said they approach it like counterinsurgency among a "good" populace and I think that's a great tactic.
@nindokag @RobinHood But then you've got a bunch of bullshit older tech that can't understand clever email bits, so you re-create relays on your LAN because you value easy setup and know that absolutely none of your users will use it for spam because they don't know a single thing about any of the stuff the use that does the daily magic they all depend on. LOL.
@nindokag so @cjd made a presentation at 34c3 about BGP and the rule of custom and I think it exemplifies this very much (also he talks about the relationship with mastodon too at the end) https://media.ccc.de/v/34c3-9072-bgp_and_the_rule_of_custom
> Email was and still is the first federated social network
No it wasn't, not by a long shot. The concept has been in use since the very dawn of civilisations.
If you restrict your study to electronic communication you end up with a mountain of hidden variables. For a start: cost barriers.
Do yourself a favour and stop thinking of this if it was any sort of innovation.
@61 Did any of the ancient offline networks use techniques we could learn from, that you know of?
@nindokag we should also keep in mind that the ultimate solution email eventually reached was to centralize on half the planet using Gmail and make it an enormous pain in the ass for anyone who isn't a corporation to run their own email server without getting flagged as a potential spammer by gmail.
I think the ultimate lesson of email is that decentralized/federated networks just ... don't work, in the long term.
Honestly my reaction upon realizing that email was the first big example of federation was that we should not emulate email. Email ended up heavily centralized, and the prevalence of blacklists designed to block spam (or bad actors, in the case of fedi) was a big reason for that. Let's not do that here.
(For myself I would prefer a filtering system along the lines of Pleroma's MRF, which is one of the things that ultimately edged Gmail out over the competition.)
I find myself continually thinking about and promoting discussion around the Zot protocol since I just read about it a few days.
Would go a long way to solving two problems:
@nindokag good analogy...
That's apples and oranges
@nindokag To be honest, I don't really see this analogy fit especially talking about "bad moderation". What does "bad moderation" mean? Do we have agreed-upon, acceptable standards and rules of what "good moderation" is? Who is entitled to come up with these? We should be able to answer this question *first* before we try to figure out how to technically enforce things. For e-mail and spam, these rules are pretty clear and had quite some years to become clear and agreeable for the most part.
@nindokag This is exactly how I've been thinking about it, and I'm very curious what others think of the "mastodon like smtp" model of growth/adoption. I'm expecting RBLs, and more infrastructure to help admins track reports through the fedi.
I also think the "don't block instances, users can block people on their own" position is a joke. Can you imagine telling an email user to "just create a new filter rule to get rid of spam if its bothering you." Thats nuts.
Mastodon instance for attendees of Refactor Camp, and members of various online/offline groups that have grown out of it. Related local groups with varying levels of activity exist in the Bay Area, New York, Chicago, and Austin.
Kinda/sorta sponsored by the Ribbonfarm Blogamatic Universe.
If you already know a few people in this neck of the woods, try and pick a handle they'll recognize when you sign up. Please note that the registration confirmation email may end up in your spam folder, so check there. It should come from administrator Zach Faddis.