If any Mastodon admins are dealing with spam account sign-ups, it's worth noting that these accounts seem to universally use disposable email providers and burner email address. There's a GitHub repo that tracks these providers. All moderation inquiries are sent to a user's email on Mastodon, so there's no legitimate reason any Mastodon user should be using a disposable email address. As such, there's a git repository that tracks these disposable email providers. There are also bash scripts that will import the repository into tootctl for you.

The disposable email git repo can be found here:

• Disposable Email Domains

And the bash scripts can be found here:

• Docker
• Regular/Not Docker

Simply clone the repo and copy the bash script onto your server, then edit the script to point at your Mastodon installation and the directory you cloned the repository to, and it should handle the rest.

Side note: I checked our logs and we had a huge spike in attempted sign-ups from a bunch of different disposable email addresses this week, so I can confirm that blocking them definitely works. :blobyeengrin:​

Multiple Misskey Servers have just had a spam attack with many of their bots even messaging me personally. This may be a new spam wave going through the Fediverse, this time only Misskey servers being affected (to my knowledge)!

The translated message reads:

Nice to meet you! I'm Suzuki Tetsuya, also known as the criminal Midokuri (Noname)! My hobby is nuking various sites!

The Mastodon Update 4.3, which has just been released today, would automatically filter messages like these. Many users, already on alpha versions of that release, will probably not even realize this attack is going on!