IMPORTANT: We're seeing a large scale attempt to bulk-register bot accounts across the public Matrix network (including captcha bypass) in order to perform spam flood attacks. If you're running a public homeserver please disable open registration, or require email for signups.

@matrix Is there a way for admins to easily detect if they have a spammer? Like log messages, they can look at, or better yet, alerts they can set up?

@adam @matrix I export metrics using Prometheus and from there can create alerts based on high new user count


@y0x3y @matrix But the problem is people sending [unsolicited] messages, not people registering for accounts.

Wouldn't a better metric be the number of different users messaged by a single account in a short period of time?

Detection routines should be detecting the bad behavior that we actually care about. Otherwise the problem will just morph into slowly signing up for accounts and then sending tons of messages later.

Sign in to participate in the conversation

Mostly hackers, mostly in Urbana, IL, talking to each other & our friends on like-minded servers without giving our personal data to the marketing machine.