this post was submitted on 09 Apr 2025

-8 points (34.6% liked)

Fedibridge

545 readers

144 users here now

A community to organize and discuss the growth of the fediverse as a whole

Related communities

Megathreads

List of support/meta communities for each instance

founded 2 months ago

MODERATORS

[email protected]

-8

Should established instances move to an allowlist-based federation model? (jlai.lu)

submitted 3 days ago* (last edited 2 days ago) by [email protected] to c/[email protected]

16 comments fedilink hide all child comments

I've been wondering about this for the past week and given the trouble Lemmy users have had with the Nicole spam, would it make sense for large Lemmy instances to switch to a whitelist approach for federation?

Instead of automatically federating with every new instance, what if we set up a system where federation had to be requested and approved? New instances could submit a request to federate, and the panel of federated instances could evaluate it before accepting. Any instance added to the white list would ideally be whitelisted across participating instances.

It might help with moderation challenges, reduce spam and bad actors, and give communities more control over the content that appears. BUT it adds unnecessary friction and turns the Lemmyverse into a closed space which goes against the idea of federation.

Curious what other people think and how we can brainstorm an approach for this kind of moderation issue long term.

Edit: please do participate in this conversation instead of downvoting ?

top 16 comments

sorted by: hot top controversial new old

[–] [email protected] 7 points 3 days ago (1 children)

Seems like it could help. https://gui.fediseer.com/ was already a step in this direction

[–] [email protected] 1 points 2 days ago (1 children)

[–] [email protected] 1 points 2 days ago

Is indeed, I meant its creation was the step

[–] [email protected] 6 points 3 days ago* (last edited 3 days ago) (1 children)

panel of federated instances

Nope, can't see anything going wrong with that idea.

The great thing about federation is any instance owner can already do this, you're just asking to create an organization that decides who can federate. May as well be bluesky or reddit then.

At best you get a few major instances who together decide who can federate with them, and then those "major" instances lose traffic because people get annoyed with such nonsense and don't federate with them, their traffic slowly decreases, and eventually they become irrelevant.

Worst case: reddit.

If a few instances decide to pull this nonsense, I'll do all I can to avoid them. May make me setup my own just to ensure I don't have to deal with such authoritarians.

[–] [email protected] 5 points 3 days ago (1 children)

https://gui.fediseer.com/

[–] [email protected] 4 points 3 days ago (1 children)

That, at least, looks like it's trying to be an information provider and you can choose what to do with that info.

And even that is fraught with risk, it's challenging to do well and remain impartial.

Choosing to be authoritative about who can federate with who sounds a lot like email today.

It's definitely something to be concerned about and fediseer seems to be trying to get ahead of the problem before the fediverse suffers the same fate as email.

[–] [email protected] 0 points 2 days ago

It is informative, but at some point if the top 30 instances decide to not federate with every new instance that top up, and rely on Fediseer to see whether new instances can be trustworthy or not, we wouldn't be that far from what OP describes, and based on the spam waves we've received lately, that would be understandable.

[–] [email protected] 2 points 2 days ago

No. Limited access and restrictions should not be the default.

[–] [email protected] 3 points 3 days ago (1 children)

*Allow-list.

[–] [email protected] 3 points 2 days ago

updating the title, thank you for the correction!

[–] [email protected] 1 points 2 days ago (1 children)

Maybe something like a time delay, or thresholds of some kind could be added into this equation?

Say, theoretically, everyone switches over to a verified whitelist model, instead of an automatic approval of any new instances.

Now, I don't think you're gonna get some kind of... UN of large instances to collectively do some kind of formal process that is shared between all members, and then somehow their collective decisions are binding for all members of this... instance UN.

But, individual instances could adopt and manage their own less permissive whitelist model, with their own vetting processes.

So an example could be:

Don't auto federate to every new instance.

Instead, wait for the instance to be... 2, 4, 6 weeks old, wait for it to have so many unique users, so many daily posts or comments in whatever timeframe... then when that threshold is passed, it gets auto whitelisted.

If a new instance owner wants to accelerate federation with your instance, new instance owner can send out some kind message describing their instance, overriding this process.

I am not 100% sure how the actual technical backend here works, how easy or difficult this would be to implement, how much workload this would put on instance admins.

If anything like this is possible, I really think you'd want to keep the 'sovereignty' of how the process would work still within the sole control of each instance, and not just... make a super-instance governing body that makes binding decisions for all accepted members.

That would be a mess, and would... just make the 'panel of big important instances' into basically the UN security council.

But at a per instance level, it doesn't seem unreasonable that individual instances could consider their own sets of federation criteria other than just 'automatically accept everything and only blacklist after massive drama or a botnet instance arises'.

[–] [email protected] 3 points 2 days ago

Yeah i dont think any from of UN like organisation between instance is even feasible without opening a can of worm when it comes to who has authority over the Lemmyverse, your ideas are a lot more thoughtful and elegant

[–] [email protected] 1 points 2 days ago* (last edited 2 days ago) (1 children)

I think something like this will become more necessary as spam becomes a larger problem. This is why I started the fediseer in the first place. The fediverse/apub model is very prone to abuse by spammers who exploit its open nature. The point of using the fediseer already now, is that when the problem becomes impossible to ignore, we already have a service set to combat it populated with the relevant info.

Relevant as well

[–] [email protected] 2 points 2 days ago (1 children)

It will probably happen. Having to ban waves of spam accounts every week isn't sustainable.

[–] [email protected] 4 points 2 days ago (1 children)

Sadly way too many admins and developers are content to ignore this problem, until it's too much to ignore. And at that point, the solutions need to already exist. More specifically I wish more admins would actively curate the fediseer and help with improving its automation toolset. Sadly it's still just me.

[–] [email protected] 1 points 2 days ago

😔