[feat] Auto-deny registration applications based on application contents #527

Open
opened 2023-04-23 18:33:47 +00:00 by Seirdy · 0 comments
Contributor

The idea

Auto-deny registration requests containing handles or reasons matching regular expressions.

The reasoning

Low-effort spam sign-ups often use the same username or registration reasons across many instances. In admin chatrooms, we sometimes share registration reasons and usernames for malicious accounts. Being able to auto-deny registrations for accounts with handles or registration-reasons matching a given regex would help instances deal with unexpected waves of spambot registration.

Some instances, such as botsin.space, go one step further and require applicants to include a "magic string" in their reason to register. Being able to deny registration with a regex would simplify the ability to filter registrations.

Ideally, such a feature could also be behind a toggle; during a spam wave, admins could turn it on for a less nuclear alternative to closing down registration entirely or moving to invite-only.

Note that this isn't foolproof; username-generators already exist, and I imagine that LLMs in the near future could read an instance's "about" page and generate a plausible-sounding registration reason with a magic string. More tools are still needed, but this can be a good start.

Have you searched for this feature request?

  • I have double-checked and have not found this feature request mentioned anywhere.
  • This feature is related to the Akkoma backend specifically, and not pleroma-fe.
### The idea Auto-deny registration requests containing handles or reasons matching regular expressions. ### The reasoning Low-effort spam sign-ups often use the same username or registration reasons across many instances. In admin chatrooms, we sometimes share registration reasons and usernames for malicious accounts. Being able to auto-deny registrations for accounts with handles or registration-reasons matching a given regex would help instances deal with unexpected waves of spambot registration. Some instances, such as `botsin.space`, go one step further and require applicants to include a "magic string" in their reason to register. Being able to deny registration with a regex would simplify the ability to filter registrations. Ideally, such a feature could also be behind a toggle; during a spam wave, admins could turn it on for a less nuclear alternative to closing down registration entirely or moving to invite-only. Note that this isn't foolproof; username-generators already exist, and I imagine that LLMs in the near future could read an instance's "about" page and generate a plausible-sounding registration reason with a magic string. More tools are still needed, but this can be a good start. ### Have you searched for this feature request? - [x] I have double-checked and have not found this feature request mentioned anywhere. - [x] This feature is related to the Akkoma backend specifically, and not pleroma-fe.
Seirdy added the
feature request
label 2023-04-23 18:33:47 +00:00
Sign in to join this conversation.
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: AkkomaGang/akkoma#527
No description provided.