this post was submitted on 08 Aug 2023
64 points (98.5% liked)

Fediverse

28703 readers
302 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to [email protected]!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 2 years ago
MODERATORS
 

Is this a singular occurrence for me, or is it prevalent across the instance?

It keeps saying that my account is not in a ready state.

It also does this for Lemmy ML and Blahaj Zone.

top 28 comments
sorted by: hot top controversial new old
[–] [email protected] 19 points 1 year ago (1 children)

Anyone heard of them being DDOS'd? This certainly sounds like ongoing DDOS and protections kicking in (assuming that by "verify my account" you mean "having to solve a captcha").

[–] favrion 2 points 1 year ago (1 children)

By that, I mean that I can't check my inbox or look at my profile, only my feed. It doesn't bring up any captchas.

[–] PriorProject 3 points 1 year ago

Lemmy.world has been under repeated attack recently though, and the behaviors you've described match what I see when th service is down. You can see current status and the history of frequent incidents at https://lemmy-world.statuspage.io/.

To relate to your statement about what fails and how, I can say I've seen the failure-modes change as they adapt the setup, and it's a more complex stack than other lemmy instances in order to deal with the attacks and large scale. It degrades in complex ways that are hard to fully reason about unless you're pretty deeply familiar with how things are out together.

I suspect you're seeing a combination of "lemmy world is broken sometimes", "Cloudflare gives weird errors sometimes", and "clients cache things or degrade to unauthenticated connections sometimes". But in any case, seeing lemmy.world be flaky is not weird, it's having a heckuva time.

[–] leraje 17 points 1 year ago (1 children)

Don't know about the other 2 but .world has been enduring an on/off ddos attack for over a week, then yesterday had a non ddos related db issue.

[–] favrion 4 points 1 year ago

They have something that the cyberterrorists want, so they must be doing it right.

[–] [email protected] 6 points 1 year ago (1 children)

I noticed Jerboa saying something about my account being verified on lemmy.world in between 502s and other network errors. I've never seen that before, but looks like it's not exclusive to you.

[–] favrion 4 points 1 year ago

As long as it's universal it's... better? lol

[–] StayFrosty 5 points 1 year ago (1 children)
[–] favrion 1 points 1 year ago (1 children)
[–] StayFrosty 2 points 1 year ago

Atleast now we know that it's not user specific.

[–] [email protected] 3 points 1 year ago (1 children)

As a potential workaround, have a look at a comment I made a while back in a similar context: https://sopuli.xyz/comment/1603292

[–] favrion 1 points 1 year ago (1 children)

I am also in nine other instances. But I have some communities on this instance that I don't know how to move into other instances in case this one goes kaput.

[–] [email protected] 1 points 1 year ago (1 children)

You might want to set-up a backup community on another instance. Then you make a sticky on your current community: if LW goes down, we meet there.

[–] favrion 2 points 1 year ago

I may do that.

[–] [email protected] 3 points 1 year ago (2 children)

As an instance owner I can say lemmy.world is a bit of a troublemaker as it will constantly halt and resume federation activities in a very bursty way and cause momentary spikes in resource usage. I have now upgraded the instance enough that it's not really a problem, just an annoying observation.

Having said that - feel free to test run my instance! The only problem I am currently aware of - gmail outright refuses to accept email from it, so verification is impossible. Thanks, Google! Have not had any reports about other providers, though!

[–] [email protected] 1 points 1 year ago (1 children)

My instance uses Gmail just fine. Did you setup an app password?

[–] [email protected] 3 points 1 year ago (1 children)

I'm not using Gmail to send email. Gmail refuses to receive email from my instance.

[–] [email protected] 1 points 1 year ago (1 children)

Are you running your own mail server?

[–] [email protected] 1 points 1 year ago (1 children)

Yes, of course! In the spirit of the federation!

[–] [email protected] 1 points 1 year ago (2 children)

Most mail services will block self hosted mail servers because you have no IP reputation or if you're using a VPS could have an IP that previously ended up on a blacklist.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

Yes, but that block is normally in a form of being marked as spam. This is different. Mail gets dropped without ever reaching the recipient's mailbox.

As an aside, I have been running my own mailserver for years and it's been working fine since the beginning. Getting marked as spam here and there, but for the most part - fine. I'll shift the mail setup at some point to have proper dkim support, but for now all I can say is - avoid gmail.

old man shouting at cloudsI understand how spam was a problem and why, at a glance, it seemed like a great idea to simply block any email that does not come from a previously known/trusted IP. However, in my opinion, all this has achieved are two things:

  • Massive centralisation of email - nobody can host their own easily anymore. You have to pay to get any semblance of guaranteed delivery
  • Dumbing down of the general populace - "you don't need to understand how any of this works! Here, use our service and it will just work!" Which also makes people complain to me about something as free (liberty) as email not being set up on google or aws. Screw those guys, I want my free internet.
[–] brygphilomena 1 points 1 year ago (1 children)

Interesting. I don't really want to get into troubleshooting, but general curiosity has me wondering a few things since my server gets delivered to Gmail but only marked as spam for a new domain for the first couple weeks.

Is there a hard spf fail? Is your IP or domain on any blacklists? Is it a digital ocean or similar vps provider using their IP pool? Do you get any bounce back from Gmail with a reason or is it silently dropping?

[–] [email protected] 1 points 1 year ago (1 children)

Yes, it's digitalocean and yes, I get a bounced message telling me to use an email provider. I have some plans that involve a wider setup than just my lemmy instance, hence the delay in implementation.

[–] brygphilomena 2 points 1 year ago

Ah yea. I've seen the whole digital ocean IP space be blocked. They really dont like digital ocean.

[–] brygphilomena 1 points 1 year ago

Most mail service will not outright block email. Most seem to be configured to follow a handful of blacklists and build a reputation.

They might start you marked as spam, but few outright block based solely on IP. Spam filters are far more mature than that these days.

[–] favrion 1 points 1 year ago (1 children)
[–] [email protected] 2 points 1 year ago (1 children)

https://lemmy.cafe

Is it not visible next to my username?

[–] favrion 1 points 1 year ago

I didn't see it im your previous comment.