So some spam signups just happened (all [email protected] format e-mail) This caused bounced mail to increase, causing Mailgun to block our domain to prevent it getting blacklisted.

So:

  • Mail temporarily doesn’t work
  • I closed signups for now
  • I will ban the spam accounts
  • I will check how to prevent (maybe approval required again?)

Stay tuned.

Edit: so apparently there is a captcha option which I now enabled. Let’s see if this prevents spam. Registrations open again.

Edit2 : Hmm Mailgun isn’t that fast in unblocking the domain. Closing signups again because validation mails aren’t sent

Edit 3: I convinced Mailgun to lift the block. Signups open again.

    • Ruud@lemmy.worldOPM
      11·
      1 year ago

      Yes the devs should do that. We’re currently discussing the the Lemmy matrix chat.

    • Dr. Moose@lemmy.world
      3·
      1 year ago

      Captchas are laughably easy to get around but they do work against dumb script kiddies which seems this attack is originating from.

  • Philip@endlesstalk.org
    20·
    1 year ago

    I ran into the issue on my instance as well, but checking the Captcha option in admin settings, stopped the signups for me.

  • Sorenchu@lemmy.world
    7·
    1 year ago

    Sounds frustrating. Thanks for doing what you do and letting us join your server! Hope the captcha works out.

  • fsk@lemmy.world
    4·
    1 year ago

    I solved this problem once. What you do is have a custom captcha that you code yourself. It can be as simple as “What is 2+3?” and have 10-20 questions that you rotate between. Most spammers will be too lazy to update their spambot.

  • rastilin@kbin.social
    4·
    1 year ago

    Last time a website I was managing was bombarded with spam signups, I set up a regular expression to check for the incredibly distinctive format the spammers were using… then it reports success but doesn’t actually create the account or send an email. Spam problem over.

  • Argyle13 @lemmy.world
    2·
    1 year ago

    I was trying to open my account just when lemmy.world was closed earlier. When I pressed the button to create it I only got and enless “charging” animation. But when it reopened, I just started the process again, and was as easy as a breeze and extremely fast. Glad to be here! (and this is my first post)

  • halo5@lemmy.world
    2·
    1 year ago

    I’ve run into this issue with some of my servers in the past and it’s a real PITA to deal with because not only do you have to mitigate the issue, but then you have to make requests to get de-blacklisted, etc. I finally got sick of it all and installed a Barracuda spam firewall in front of the mail server. I have MUCH easier control over IMAP/SMTP now.

      • halo5@lemmy.world
        1·
        1 year ago

        I was vaguely aware of that, but I’m very glad that you posted this link because I didn’t realize that it was this serious and that it hasn’t been patched! My unit is completely up-to-date with firmware and patches, but I can’t find an actual list of affected models ANYWHERE! I’ve taken a cursory look at my system and it doesn’t appear to be compromised, but I emailed Barracuda for additional info. Thanks for this!

  • EvilMonkeySlayer@kbin.social
    2·
    1 year ago

    User on kbin here, just tried to sign up to lemmy.world… looks like everything crashed and burned when tried to sign up there.

  • pragma@kbin.social
    2·
    1 year ago

    OK that makes sense, I was trying to sign up and couldn’t figure out why everything was timing out. Sorry if my attempts looked like spam.

    edit: it still doesn’t work for me btw

  • Chaos@lemmy.world
    2·
    1 year ago

    Becareful with this. There’s a clear trend of massive amount of bot accounts flooding lemmy as a whole