the list is not public, no. various instances have automods in place already, with varying aggressiveness.

the community bans are automatic when an instance ban is issued, they’ve been reverted along with the instance unban.

please don’t link to domains used by spammers

have you ever seen this since we updated to Lemmy 0.19.9+?

It was most likely true at the time you wrote it, but it was also likely cached at the time.

It was likely in your browser cache or Cloudflare cache when accessed from SJW, but when accessed from LW the request would be different and not hit the cache. Browsers will generally partition your cache depending on which page you’re on when fetching media to prevent certain types of attacks. For Cloudflare cache, it could have been related to certain characteristics of the request.

Hi,

sorry for the late response, but this is actually a problem with SJW, not with us.

The image at https://sh.itjust.works/pictrs/image/4def1007-69c5-4d51-b227-83deef610f19.webp is not available anymore, as the underlying file has been deleted. Based on similar issues we’ve seen in the past on LW, this is likely the result of a false positive of a CSAM scanner deployed by SJW.

@TheDude@sh.itjust.works @imaqtpie@sh.itjust.works @InEnduringGrowStrong@sh.itjust.works

I truly appreciate the offer, but my concern isn’t about money, it’s about this taking away even more of my personal time. If this was a regular day job I was doing, rather than my actual day job, which I have in addition to the time I spend on Lemmy.World related activities, then I could file this during my regular working hours. After all, it’s time I’d spend being at work anyway.

I’ve recently been spending countless hours already dealing with other stuff that is not directly tied to Lemmy.World but came up “around” it, including sending abuse reports to various instances about CSAM that federated to them a long time ago. This includes time spent on identifying such material, then finding suitable abuse report mechanisms, providing instructions for how to deal with it. Afterwards it needs reviewing whether the content has been removed or requires further escalation steps, such as one case where I’ve filed a police report today for a case where neither the instance itself nor the hosting provider deals with abuse reports at all.

As mentioned before, there also seem to have been two different people involved in sending these messages, the original person, where most of the information is/was available publicly and has been collected by various people already, who would be in a much better position to report this content to law enforcement.
The person sending the gore images did in fact use a Lemmy.World account in one case, which we do have more information about than publicly available or available for users on other instances, so this would be the only case for which we’d be in a privileged position for reporting. This however would also most certainly not be a report that would help any sort of harassment investigation, as this copycat probably doesn’t have any ties to the original harasser.

If we had a significantly larger amount of donations towards our foundation we’d also be able to pay someone to deal with things like this, but we’re currently just over the hosting costs with our monthly donations.

you could easily report this to the police yourself then. i don’t really have anything more than what is publicly available, with the exception being one of the gore spam accounts.

I’m not saying you have to, but given that various people already collected a lot of information related to that stuff, they would be much better suited in actually reporting this to police somewhere.

I just tried sending the same message again.

If you still don’t receive it, please either share an email address or reach out to me via email; the address is the same as my Lemmy user.

edit: this comment also didn’t federate until I edited and changed votes a few times to trigger retries.

ping @beto@lemmy.studio @ndguardian@lemmy.studio (mention notifications only work in comments)

ping @feandoe@feddit.cl (mention notifications only work in comments)

you’ll want to follow https://github.com/LemmyNet/lemmy/issues/818 for that

Depends on the type of feature request.

For most feature requests the project issue trackers are likely the best place.

• Lemmy backend: https://github.com/LemmyNet/lemmy/issues
• Lemmy default web interface: https://github.com/LemmyNet/lemmy-ui/issues

Alternative UIs and apps have their own issue trackers as well.

If it’s something that’s just about configuration or something we have built ourselves !support@lemmy.world can be a good place for that.

Feel free to reply here though and I can tell you where it’s best placed.

we currently have our own solution to send emails with a custom text explaining why people were rejected and what they can do next. we’ll have to review whether the built-in solution would be capable of replacing this functionality adequately if we add rejection reasons to lemmy when rejecting the applications.

our current solution rejects applications and then deletes the user from the database to ensure that they can sign up again if they want, as denied applications only get deleted after a week or so and an appeal process would require support tickets and a lot more time to be spent by us on addressing those.

our application process is fully automatic and just depends on certain words to be provided and the email not being disposable.

The link is up there in the post for you to use.

The screenshot in my previous comment is directly from their abuse form at https://abuse.cloudflare.com/csam. Your email is specifically about their proactive scanner, not about abuse reports that are submitted.

They also explicitly state on their website that they forward any received CSAM reports to NCMEC:

Abuse reports filed under the CSAM category are treated as the highest priority for our Trust & Safety team and moved to the front of the abuse response queue. Whenever we receive such a report, generally within minutes regardless of time of day or day of the week, we forward the report to NCMEC, as well as to the hosting provider and/or website operator, along with some additional information to help them locate the content quickly.

they do, they just don’t require you to be registered with them anymore for their csam scanner:

potentially identifying information, such as addresses, must be removed. images of the person must either be heavily pixelated or entirely cut out.

with the content i’ve seen it gave me more of an impression of being captures of a live stream, but that’s just guessing

likely unrelated, but I already forwarded the PM reports we received on LW to .ee admins a few hours ago. probably just a “normal” pm spammer.

unless you operate the instance that is being used to send this material you can generally only work with the content that is being posted/sent in PMs. almost all identifying information is stripped when it leaves your local instance to be federated to other instances. even if there was a group of instances collaborating on e.g. a shared blocklist, abusers would just switch to other instances that aren’t part of the blocking network. there’s a reason why it’s not recommended to run a lemmy instance with open signups if you don’t have additional anti-spam measures and a decently active admin team. smaller instances tend to have fewer prevention measures in place, which results in a burden for everyone else in the fediverse that is on the receiving end of such content. unfortunately this is not an easy task to solve without giving up (open) federation.