Android shopping list apps disappointed me too many times, so I went back to writing these lists by hand a while ago.

Here’s what’s more fun: Write them in Vim and then print them on the dotmatrix printer. 🥳

And, because I can, I use my own font for that, i.e. ImageMagick renders an image file and then a little tool converts that to ESC/P so I can dump it to /dev/usb/lp0.

(I have so much scrap paper from mail spam lying around that I don’t feel too bad about this. All these sheets would go straight to the bin otherwise.)

Image

@prologic@twtxt.net @movq@www.uninformativ.de Same here, I give each service a dedicated e-mail address. It’s very interesting to see how e-mail addresses are transferred to other actors. Luckily, this only happens rarely. But it does happen. In surprising ways.

Aliases not only help to fight spam, but are also a great way to specify filter rules to sort e-mails.

@prologic@twtxt.net FWIW, I love the idea and I do the same with my email domains. It’s the most effective way to fight spam, IMO. 🥳

@bender@twtxt.net I think that’s where it sends the capture verification requests. It’s based on PoW, so it has to perform validation somehow. It actually looks pretty decent as far as a way to prevent spam/abuse of forms on the open web (e.g: Waitlist on SnipMail).

I had a looksie (just to be sure) at the database, and they were thankfully legit test events. But this did spark/trigger me to make sure I have some form of anti-spam measures in place. So I added some per-event / per-rsvp rate-limiting and honeypot(s).

@bender@twtxt.net Is dealing with spam fun though? DDoS attacks? DoS attacks? Scans for all kinds of stupid shit™? Malware? Advertising? Tracking? Spying? ..

(g+) Souveräne Maildienste für Privatnutzer: Briefgeheimnis gesichert
Für viele Privatnutzer lohnt sich ein eigener Mailserver nicht und öffentliche Maildienste unterscheiden sich teils erheblich - eine Orientierungshilfe. Ein Ratgebertext von Erik Bärwaldt ( E-Mail, Spam)

Image

@prologic@twtxt.net I know we won’t ever convince each other of the other’s favorite addressing scheme. :-D But I wanna address (haha) your concerns:

1. I don’t see any difference between the two schemes regarding link rot and migration. If the URL changes, both approaches are equally terrible as the feed URL is part of the hashed value and reference of some sort in the location-based scheme. It doesn’t matter.

2. The same is true for duplication and forks. Even today, the “cannonical URL” has to be chosen to build the hash. That’s exactly the same with location-based addressing. Why would a mirror only duplicate stuff with location- but not content-based addressing? I really fail to see that. Also, who is using mirrors or relays anyway? I don’t know of any such software to be honest.

3. If there is a spam feed, I just unfollow it. Done. Not a concern for me at all. Not the slightest bit. And the byte verification is THE source of all broken threads when the conversation start is edited. Yes, this can be viewed as a feature, but how many times was it actually a feature and not more behaving as an anti-feature in terms of user experience?

4. I don’t get your argument. If the feed in question is offline, one can simply look in local caches and see if there is a message at that particular time, just like looking up a hash. Where’s the difference? Except that the lookup key is longer or compound or whatever depending on the cache format.

5. Even a new hashing algorithm requires work on clients etc. It’s not that you get some backwards-compatibility for free. It just cannot be backwards-compatible in my opinion, no matter which approach we take. That’s why I believe some magic time for the switch causes the least amount of trouble. You leave the old world untouched and working.

If these are general concerns, I’m completely with you. But I don’t think that they only apply to location-based addressing. That’s how I interpreted your message. I could be wrong. Happy to read your explanations. :-)

Here is just a small list of things™ that I’m aware will break, some quite badly, others in minor ways:

1. Link rot & migrations: domain changes, path reshuffles, CDN/mirror use, or moving from txt → jsonfeed will orphan replies unless every reader implements perfect 301/410 history, which they won’t.
   
2. Duplication & forks: mirrors/relays produce multiple valid locations for the same post; readers see several “parents” and split the thread.
   
3. Verification & spam-resistance: content addressing lets you dedupe and verify you’re pointing at exactly the post you meant (hash matches bytes). Location anchors can be replayed or spoofed more easily unless you add signing and canonicalization.
   
4. Offline/cached reading: without the original URL being reachable, readers can’t resolve anchors; with hashes they can match against local caches/archives.
   
5. Ecosystem churn: all existing clients, archives, and tools that assume content-derived IDs need migrations, mapping layers, and fallback logic. Expect long-lived threads to fracture across implementations.

@alexonit@twtxt.alessandrocutolo.it I took it down mostly because of continued abuse and spam:l. I intend to fix I and improve the drive and its sister at Summer point 🤞

Someone please ban 2929b’s autistic spamming ass.

Why is this idiot spamming the same shitty site?

this is spam

I have a Python script that transforms the original YouTube channel Atom feed into a more useful Atom feed by removing the spam description and replacing it with the video duration, filtering out videos by title, duration, etc. I just updated it to exclude the damn Shorts garbage more efficiently. Finally, YouTube updated their Atom feed generation, so that the video URL contains /short/ if it’s of this useless kind. Never thought that they ever actually will improve their Atom feeds. Thank you, much appreciated!

ProcessOne: ejabberd 25.07

Image

Release Highlights:

This release focus on integration in a wider federated network, with support for spam fighting features, better compliance with Matrix network and native support for PubSub Server Information to have your server count as part of the wider XMPP network (for example, you can register your server on XMPP Network Graph).

• **Spam filter … ⌘ Read more

Serasa Experian é uma empresa tão pilantra mas tão pilantra que agora estão descaradamente fazendo spam a partir de emails coletados do registro brasileiro de domínios (Registro.BR) é muito irritante.

Please, someone ban this bots. I’m tired of this garbage. Some bastards started spamming in gopherspace. I’m so tired of them.

Sooo many new spam feeds to mute in the twtxt.net discovery view. :-( The RSS/Atom to Twtxt feed bridge was a mistake, I believe. I guess I just have to abandon that altogether and rely on my subscriptions to interact with new feeds in order to discover legitimate new ones. Not sure if that works, sounds like a chicken-‘n’-egg problem.

My idea of how a modern mailing service should work
Comments ⌘ Read more

ALTCHA - Next-Gen Captcha and Spam Protection
Comments ⌘ Read more

Definitely open to taking on users 👌I only have open registrations turned off because of spam accounts and my pod being the most popular amongst spammers 🤣

@eapl.me@eapl.me Interesting! Two points stood right out to me:

1. Why the hell are e-mail newsletters considered a valid option in the first place? Just offer an Atom feed and be done with it! Especially for a blog of this very type. This doesn’t even involve a third party service. Although, in addition he also links to Feedburner, what the fuck!? No e-mail address or the like is needed and subject to being disclosed.

2. When these spam mailers want to prevent resubscribing, then for fuck’s sake, why don’t they use a hash of the e-mail address (I saw that in yarnd) for that purpose? Storing the e-mail address in clear text after unsubscribing is illegal in my book.

Gajim: Gajim 2.0.0
Gajim 2.0 is here and it comes with a big upgrade 🎉 Gajim migrated its user interface toolkit to GTK 4, which brings performance improvements and sets the ground for great features to follow. Additionally, this release brings improved image previews, better tools for fighting spam, and much more. All of these changes were only possible by touching a lot of Gajim’s code base, and we appreciate all the feedback we got from you.

Switching Gajim’s major ver … ⌘ Read more

@bender@twtxt.net Don’t panic. I’ve just been testing my implementation. The great advantage of Twtxt is it’s openness, I think. So DM spamming would contradict to this feature I like. ❤

reviewing logs this morning and found i have been spammed hard by bots not respecting the robots.txt file. only noticed it because the OpenAI bot was hitting me with a lot of nonsensical requests. here is the list from last month:

• (810) bingbot
  
• (641) Googlebot
  
• (624) http://www.google.com/bot.html
  
• (545) DotBot
  
• (290) GPTBot
  
• (106) SemrushBot
  
• (84) AhrefsBot
  
• (62) MJ12bot
  
• (60) BLEXBot
  
• (55) wpbot
  
• (37) Amazonbot
  
• (28) YandexBot
  
• (22) ClaudeBot
  
• (19) AwarioBot
  
• (14) https://domainsbot.com/pandalytics
  
• (9) https://serpstatbot.com
  
• (6) t3versionsBot
  
• (6) archive.org_bot
  
• (6) Applebot
  
• (5) http://search.msn.com/msnbot.htm
  
• (4) http://www.googlebot.com/bot.html
  
• (4) Googlebot-Mobile
  
• (4) DuckDuckGo-Favicons-Bot
  
• (3) https://turnitin.com/robot/crawlerinfo.html
  
• (3) YandexNews
  
• (3) ImagesiftBot
  
• (2) Qwantify-prod
  
• (1) http://www.google.com/adsbot.html
  
• (1) http://gais.cs.ccu.edu.tw/robot.php
  
• (1) YaK
  
• (1) WBSearchBot
  
• (1) DataForSeoBot
  

i have placed some middleware to reject these for now but it is not a full proof solution.

It’s surprising how much I can reduce the amount of spam that Rspamd needs to filter – whether it ends up in my junk folder or even my inbox – just by blocking certain recipient addresses. Using unique email addresses for each service, like “deezer @ example.com” for Deezer, was one of the best decisions I made, especially combined with a catch-all address. ⌘ Read more

@prologic@twtxt.net Which one? I don’t mind the ternary operator at all. In fact, I often find myself missing it in Go. I don’t find the two alternatives particularly elegant:

foo := "eggs"
if bar {
    foo = "spam"
}

Or:

var foo string
if bar {
    foo = "spam"
} else {
    foo = "eggs"
}

To my eye, this just would look a lot nicer:

foo := bar ? "spam" : "eggs"

Or at least as the Pythons do it:

foo = "spam" if bar else "eggs"

The ternary operator especially shines with relatively short expressions.

Ok, it’s really spam account: https://twtxt.net/twt/xu3u7zq . Damn spammers. Can you delete this?

Is it spam bot or just innocent citizen? But nickname looks suspious

I made a draft of an “encrypted public messenger”, which was basically a Feed for an address derivate from the public ket, let’s say ‘abcd..eaea’

Anyone could check, “are there any messages for my address?” and you get a whole list of timestamps and encrypted stuff.

Inside the encrypted message is a signature from the sender. That way you ‘could’ block spam.

Only the owner of the private key could see who sent what, and so…

And even with that my concussion was that users expectations for a private IM might be far away from my experiment.

Google Begins Requiring JavaScript For Google Search
Google says it has begun requiring users to turn on JavaScript, the widely-used programming language to make web pages interactive, in order to use Google Search. From a report: In an email to TechCrunch, a company spokesperson claimed that the change is intended to “better protect” Google Search against malicious activity, such as bots and spam, and to improve the over … ⌘ Read more

ILITA (russian network in i2p) get spammed very often (including dms and channels). Now i forgot password and can’t join in +r channels :(

Ban the spam! 🚫
I’m tired of spam emails flooding my inbox, so I decided to take inspiration from Kev’s approach. I noticed that many of the spam messages were being sent to the email address I published on my legally required imprint. ⌘ Read more

Gopherholes come and go. It’s normal. Got no answer to my mail (No garantee that it’s not sitting in a spam folder).

@eapl.me@eapl.me here are my replies (somewhat similar to Lyse’s and James’)

1. Metadata in twts: Key=value is too complicated for non-hackers and hard to write by hand. So if there is a need then we should just use #NSFS or the alt-text file in markdown image syntax ![NSFW](url.to/image.jpg) if something is NSFW

2. IDs besides datetime. When you edit a twt then you should preserve the datetime if location-based addressing should have any advantages over content-based addressing. If you change the timestamp the its a new post. Just like any other blog cms.

3. Caching, Yes all good ideas, but that is more a task for the clients not the serving of the twtxt.txt files.

4. Discovery: User-agent for discovery can become better. I’m working on a wrapper script in PHP, so you don’t need to go to Apaches log-files to see who fetches your feed. But for other Gemini and gopher you need to relay on something else. That could be using my webmentions for twtxt suggestion, or simply defining an email metadata field for letting a person know you follow their feed. Interesting read about why WebMetions might be a bad idea. Twtxt being much simple that a full featured IndieWeb sites, then a lot of the concerns does not apply here. But that’s the issue with any open inbox. This is hard to solve without some form of (centralized or community) spam moderation.

5. Support more protocols besides http/s. Yes why not, if we can make clients that merge or diffident between the same feed server by multiples URLs

6. Languages: If the need is big then make a separate feed. I don’t mind seeing stuff in other langues as it is low. You got translating tool if you need to know whats going on. And again when there is a need for easier switching between posting to several feeds, then it’s about building clients with a UI that makes it easy. No something that should takes up space in the format/protocol.

7. Emojis: I’m not sure what this is about. Do you want to use emojis as avatar in CLI clients or it just about rendering emojis?

Telcos in talks to roll out ‘SMS on steroids’
Telstra, Optus and TPG are in talks to implement an SMS replacement that could slash the rate of spam messages. ⌘ Read more

That’s very sad… Btw twtxt is more hardly to spam because of bad discovery. So you can only spam to your followers. Did you really want abandon best method of microblogging?

JMP: SMS Censorship
Since almost the very beginning of JMP there have been occasional SMS and MMS delivery failures with an error message like “Rejected for SPAM”. By itself this is not too surprising, since every communications system has a SPAM problem and every SPAM blocking technique has some false positives. Over the past few years, however, the incidence of this error has gone up and up. But whenever we investigate, we find no SPAM being sent, just regular humans having regular conversations. So what is happening here? Are … ⌘ Read more

I have a question for the IndieWeb community: What can we do against Webmention spam, except filter it out, when it fails validation? I receive hundreds of invalid Webmentions a day, and even using a filtering DNS server doesn’t seem to help much. But I also don’t want to waste network traffic to access all those spam sites. Is there any good block list I can check first before doing the request for validation? I thought about Akismet, but the API has no such option to only check the submitted URL. ⌘ Read more

I guess it got rid of all the dead spam bot accounts at least 🤣

@mckinley@twtxt.net full of crypto spam. Slow. Bad UI’s.

JMP: SMS Censorship
Since almost the very beginning of JMP there have been occasional SMS and MMS delivery failures with an error message like “Rejected for SPAM”. By itself this is not too surprising, since every communications system has a SPAM problem and every SPAM blocking technique has some false positives. Over the past few years, however, the incidence of this error has gone up and up. But whenever we investigate, we find no SPAM being sent, just regular humans having regular conversations. So what is happening here? Are … ⌘ Read more

JMP: SMS Censorship
Since almost the very beginning of JMP there have been occasional SMS and MMS delivery failures with an error message like “Rejected for SPAM”. By itself this is not too surprising, since every communications system has a SPAM problem and every SPAM blocking technique has some false positives. Over the past few years, however, the incidence of this error has gone up and up. But whenever we investigate, we find no SPAM being sent, just regular humans having regular conversations. So what is happening here? Are … ⌘ Read more

Ignite Realtime Blog: More Openfire plugin maintenance releases!
Following the initial batch of Openfire plugin releases that we did last week, another few have been made available!

Version 1.0.1 of the Spam Blacklist plugin was released. This plugin uses an external blocklist to reject traffic from specif … ⌘ Read more

I’ve been thinking of how to notify someone else that you’ve replied to their twts.

Is there something already developed, for example on yarn.social?

Let’s say I want to notify https://sour.is/tiktok/America/Denver.txt that I’ve replied to some twt. They don’t follow me back, so they won’t see my reply.

I would send my URL to, could be, https://sour.is/tiktok/replies?url=MY_URL and they’ll check that I have a reply to some of their twts, and could decide to follow me back (after seeing my twtxt profile to avoid spam)

Another option could be having a metadata like
follow-request=https://sour.is/tiktok/America/Denver.txt TIMESTAMP_IN_SECONDS
that the other client has to look for, to ensure that the request comes from that URL (again, to avoid spam)
This could be deleted after the other .txt has your URL in the follow list, or auto-expire after X days to clean-up old requests.

What do you think?

“The Frustration Loop”
Spammers and their spam are annoying. ⌘ Read more

I love spam. casly1981@gustr.com

Ignite Realtime Blog: New: Openfire MUC Real-Time Block List plugin!
A new plugin has been made available for Openfire, our cross-platform real-time collaboration server based on the XMPP protocol. We have named this new plugin the MUC Real-Time Block List plugin.

This plugin can help you moderate your chat rooms, especially when your service is part of a larger network of federated XMPP domains. From experience, the XMPP community has learned that bad actors tend to spam a wid … ⌘ Read more

Just setting up a quick Mastodon instance to test some compatibility is a pain. Using test accounts on public instances is also unreliable, because many instances are already overloaded and I don’t want to create spam. So I got a new DigitalOcean account with a $200 starter credit… ⌘ Read more

Arnaud Joset: Updates: chatty server and HTTPAuthentificationOverXMPP
It’s been a long time since I updated this blog. It will be a short update post about two projects.

The first is chatty_server, a small XMPP bot I use to interact with my server. It allows me to get information about the CPU load, traffic, weather etc.
It also has a small feature to get reminder messages. There was a bug that allowed anyone to spam reminders. Anybody can add the bot to their rooster and could create random reminders t … ⌘ Read more

There is a huge influx of spam recently, my mailboxes are all getting hammered at the moment

The Spam Just Won’t Stop | Redacted Identity by OH.MG https://redacted.id/a22b3eef

As a postmaster, Gmail remains the most irritating domain to send to. Soooo many false spam hits, such little information provided, so many hoops to jump through.

@lyse@lyse.isobeef.org Me when I find myself crossing an international border, close to midnight, using free bus WiFi, spammed by messages from people, telling me that the server hosting my web-apps is down. 😂
*Only happened once so far

Gajim: Development News November 2021
Annoyed of spam messages in public channels? Gajim just gained support for Message Moderation! Also this month: better message corrections and improved notifications.

If you’re participating in public channels you might have witnessed spam from time to time. Someone comes along and pastes some URL about a promising business opportunity, or leaves an offending picture. Moderators can kick/ban spammers, but that does not remove those … ⌘ Read more

@movq@www.uninformativ.de LOL. As someone with OCD, I can relate completely. When I set to do “slight” modifications to a stylesheet, boy… often a start over is best, to eliminate commit spam.

Based on spam logs, I am (again) considering banning a bunch of TLDs at the server level. Has anyone ever gotten legitimate email from a .work, .casa, or .today domain, for example?

It did! And I fixed the bug last night. And now I’m curious how your pod deals with spam. 👆🏼

I wonder if email would be a reasonable way to enable interaction on twtxt… something like publishing an email address for replies in the preamble of your feed, then like twtxt the rest is up to you, but I could imagine a simple moderation queue that could be checked periodically allowing the admin to move approved comments into some public space… I keep thinking I’ll add activitypub comments to my site but it seems more complex than I care for. Ironically because of available tooling email actually feels simpler for this… of course, there is spam…

@prologic@twtxt.net lol.. sorry about the spam

@prologic@twtxt.net lol.. sorry about the spam

the !zet I have written for my wiki is probably going to end up replacing what I’ve been using twtxt for these past few months. this means less spam here. you’re welcome.

Prosodical Thoughts: Simple Anti-Spam Tips ⌘ https://blog.prosody.im/simple-anti-spam-tips/

Ignite Realtime Blog: New Openfire plugin to help reduce spam! ⌘ https://discourse.igniterealtime.org/t/new-openfire-plugin-to-help-reduce-spam/88730

Monal IM: Someone spammed me ⌘ https://monal.im/blog/someone-spammed-me/

I really have fun using #twtxt since my #xmpp bot is working reliable again. Sorry for the spam. 😁

@von@tilde.town: I stole the idea from a random webpage that listed a finger address for contact information. I would assume it’s pretty effective against spam ;)

Hey, maybe now that microsoft is pushing chrome, things will get bad enough that electron will be dropped & developers will remember that cross-platform GUI toolkits exist that don’t involve spamming HTML

Today in recruiter spam, somebody wants me to teach Latvian in Brooklyn. Why do they think I know Latvian? Why does literally every recruiter think I can commute to NYC?

samim - Thoughts on Botnets and CreativityToday, Botnets impact almost every aspect of human life. Promoting products, providing… https://samim.io/p/2018-04-23-the-solution-to-exploding-fake-news-and-spam-botnets-ca/

The Chinese Robocall Blues https://tedium.co/2018/05/15/spam-robocalls-history-comparison/

Spam https://theoutline.com/post/2498/spam-is-back

If connected to a pipe #txtnix tweet will now read tweets from STDIN. Will it now be too easy to spam the #twtxt network? :)

If connected to a pipe #txtnix tweet will now read tweets from STDIN. Will it now be too easy to spam the #twtxt network? :)

Съчетаване на полезното с приятното: счетоводство style #spam http://t.co/CIFjgA4n