Anyone else having a sudden problem with users suspended from an instance or blocked instances being able to interact with your users?
I’ve had a few racists, trolls, etc. interact with accounts on mine. I’ve been surprised their own admins don’t always act, but different instances handle it differently. Some are entire instances, and my moderators and I instituted instance blocks in those cases.
Anyhow, it isn’t a great user experience if you offer people control of their privacy and they don’t end up with it.
It seems to be a sudden change in the last day or so and I was wondering if anyone else experienced it.
Thanks for the reply. Here is what happens. The user @wauz, whose account is at mastodon.social, has been suspended at my instance for cause, several violations.
Somehow, they can all of a sudden reply to us and cause conversations like the below.
Alright. I see no evidence here of your server processing content from the suspended user, which is expected.
However, the suspended user can still see your public toots, since those are… public. And as such, they can also interact with them. That is expected behavior from Mastodon at the moment.
Note that we are investigating other ways to handle replies (having them vetted by the server hosting the post they are in reply to), but those changes would be pretty deep changes to the protocol, so it is still a long way before it happens, if it even happens.
Blocking mastodon.social would only make a difference if you also enable the Authorized Fetch mode (setting the AUTHORIZED_FETCH env variable to true), which may have negative performance implications.
If you enable it, your server will only serve your public toots to servers that authenticate themselves (all recent Mastodon servers do, as well as most other fediverse software) and are not blocked. Without it (the default), the instance does not perform those checks, which enables some optimizations.
Note that enabling Authorized Fetch mode doesn’t change much on individual user suspensions, as the other instances do not know the specific users you have blocked, and do not fetch toots on their behalf, but on behalf of the instance itself.
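The fetch decision described in the reply above, as an added example that is not part of the original thread and is not Mastodon's code. It is a simplified Python model; the `ServerPolicy` fields, the decision strings, the sample key URLs and the per-actor suspension check are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional
from urllib.parse import urlsplit


@dataclass
class ServerPolicy:
    authorized_fetch: bool = False  # models the AUTHORIZED_FETCH env variable
    blocked_domains: set = field(default_factory=set)
    suspended_actors: set = field(default_factory=set)  # actor URLs (assumed form)


def fetch_public_post(policy: ServerPolicy, key_id: Optional[str]) -> str:
    """Decide whether a GET for a public post is served.

    key_id is the URL of the key that signed the request, or None when the
    request carries no signature.
    """
    if not policy.authorized_fetch:
        # Default mode: the requester is never identified, so neither the
        # domain block list nor the suspension list can be applied.
        return "served"
    if not key_id:
        return "denied: unsigned"
    host = (urlsplit(key_id).hostname or "").lower()
    if host in policy.blocked_domains:
        return "denied: blocked domain"
    # Assumption of this model: a fetch signed by a suspended actor's own key
    # would be refused. Remote servers sign with their instance key instead,
    # so this branch does not stop fetches made for a suspended user.
    if key_id.split("#", 1)[0] in policy.suspended_actors:
        return "denied: suspended actor"
    return "served"


# Constructed sample inputs, using the account and instance named in the thread.
INSTANCE_KEY = "https://mastodon.social/actor#main-key"
USER_ACTOR = "https://mastodon.social/users/wauz"

default_mode = ServerPolicy(blocked_domains={"mastodon.social"})
strict_blocked = ServerPolicy(authorized_fetch=True,
                              blocked_domains={"mastodon.social"})
strict_user_only = ServerPolicy(authorized_fetch=True,
                                suspended_actors={USER_ACTOR})

if __name__ == "__main__":
    print(fetch_public_post(default_mode, None))              # block list unused
    print(fetch_public_post(strict_blocked, None))
    print(fetch_public_post(strict_blocked, INSTANCE_KEY))
    print(fetch_public_post(strict_user_only, INSTANCE_KEY))  # suspension alone
```

The last case is the one from this thread: with only a user-level suspension in place, the instance-signed fetch is still served.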
That’s a shame. Blocked users should be blocked. Perhaps Mastodon isn’t for me. I appreciate your guidance on the issue. I’ll talk it out with my mods.
The “discard everything that goes to you” end of “blocking” works, but public posts will remain, by definition, public, and in this context, preventing the blocked party from seeing or referencing your content is just a best-effort thing.
As I said earlier, we are investigating other ways to handle replies within Mastodon, by having the author’s software “vet” the replies, but it’s a big change, and it wouldn’t be foolproof either: malicious servers (as well as other implementations that wouldn’t be interested in this feature or would have difficulties implementing it) could just not perform that check and reply and list unvetted replies anyway. Well-meaning servers that do implement the feature would be able to reject unvetted replies, though.