Note: this is a comprehensive guide that addresses a lot of different topics. We hope to answer many questions that newcomers have asked before. This guide gets into the meat and potatoes of what all this stuff is, how stuff works, and how to use it to your benefit.

If you’re reading this, chances are that you’ve just signed up for Mastodon. Or, perhaps you’re thinking about trying it out, or have at least heard other people mention it. There are many guides out there about this topic already, but I think this one has something to offer.

I’d like to believe that I’m qualified to talk about this stuff. I’ve been in this space for nearly 15 years now. After starting on one of the oldest federated social networks, I also helped with managing the Diaspora project. I’ve been here since almost the beginning.

This guide exists as a run-down of how to join in, make friends, and have fun in a new space.

Table of Contents

• What the heck is Mastodon?
• What’s the fediverse?
• Getting Started
  
  • What platform should I use?
  • How do I join this thing?
    
    • 
      
      • Checking Instance Details
      • Getting Verified

      
      

    
    

  • Got Any Usage Tips?
    
    • Simple Mode vs Advanced Mode

    
    

  • Accessibility Features
    
    • Media Captioning

    
    

  
  

• Into the Network
  
  • How do the feeds work?
    
    • Home Feed
    • Local Feed
    • Federated Feed
    • Public Feed

    
    

  • How do Privacy Settings Work?
    
    • Public
    • Unlisted
    • Followers Only
    • Mentioned People Only

    
    

  • How do I find people?
    
    • 1. Find Your Mutuals
    • 2. Follow tags and post frequently
    • 3. Explore the network!

    
    

  • How do I interact with people and their stuff on other servers?
    
    • The User Handle
    • The Search Bar
    • Handy Browser Extensions

    
    

  • How do I keep track of who is who?
    
    • Notes
    • Lists

    
    

  
  

• Apps and Frontends
  
  • Mobile Apps (Android and iOS)
  • Web Frontends

  
  

• Dealing with Unwanted Posts, Conflict, and Trolls
  
  • Filtering Your Feed
    
    • Muting vs Blocking
      
      • Muting
      • Blocking
      • Undoing Blocks and Mutes

      
      

    • Reporting Bad Actors
    • Blocking a Domain
    • #Fediblock

    
    

  • Moving to a New Server
    
    • 
      
      • Move from a Different Account
      • Move to a Different Account

      
      

    
    

  
  

What the heck is Mastodon?

Mastodon is a social media platform for microblogging, kind of similar to Twitter. There are three very important key differences:

1. It’s open source, meaning that you can see the source code, make modifications, and run it yourself.
2. It’s federated – people on one server can talk to people on another. In practice, it acts as if two separate parts of the internet can come together as one space to talk.
3. It’s more personal – Mastodon doesn’t really use algorithms to promote influencers, and doesn’t really reflect popular statuses or encourage number-chasing. Instead, Mastodon tends to focus more on personal authenticity, where you can openly express yourself.

But now, it’s time to address the elephant in the room (I’m sorry). What you’ve probably heard people call “The Mastodon Network” is actually a much bigger, crazier thing called the Fediverse.

What’s the fediverse?

Wikipedia describes the fediverse as “an ensemble of different platforms that all communicate using a common protocol.” The most popular protocol is a W3C Standard called ActivityPub, which is what Mastodon and many other platforms use. The network is largely composed of open source projects, running across many different servers, using open communication protocols. No individual institution can own all of the fediverse, and there’s no central authority controlling it.

The fediverse started around early 2008 / 2009 with a platform called StatusNet. Some of you may be familiar with Identi.ca, a popular hub for open source nerds to tweet about their interests. A lot of changes have come since then.

“The Many Branches of the Fediverse“ by Per Axbom, Creative Commons CC-BY-SA 4.0 International

The biggest thing to know about the fediverse in 2023 is that it’s massive. There are analogues to almost every kind of corporate social platform imaginable. The crazy part is that you can follow accounts on any of the following projects directly from Mastodon:

• Microblogging: Misskey, Pleroma, Bonfire
• Macroblogging: Friendica, Smithereen
• Image-Sharing: Pixelfed
• Meetups: Mobilizon
• Video: PeerTube
• Podcasting: CastoPod, Funkwhale
• LiveStreaming: OwnCast, PeerTube
• Music: Funkwhale, Reel2Bits
• Book Reviews: Bookwyrm, Inventaire
• Blogging: WriteFreely, WordPress (with some plugins)

That’s just the tip of the iceberg. There’s an estimated 124+ platforms in various states of development, most of which can interoperate with one another. For many, the common denominator is basic compatibility with Mastodon.

A PeerTube video, shown on both PeerTube’s side as well as Mastodon.

What does this mean in practice? The common barriers you’re familiar with on Twitter, Instagram, or Facebook don’t exist here. Why can’t you like an Instagram post from Twitter, or send a Myspace message to someone on Facebook? The people running these sites have a monetary interest in keeping you in, and other networks out.

Getting Started

What platform should I use?

My recommendation if you’re just starting out: try Mastodon first. Mastodon sets a pretty good standard of expectations when using the network for the first time. Most platforms on the network strive for compatability with Mastodon, giving you the benefit to try things out.

Honestly, starting with Mastodon and shifting to something else is pretty common for people on the network. Many platforms implement Mastodon’s own client API, meaning dozens of Mastodon apps can be used elsewhere.

How do I join this thing?

A lot of people say that finding a place to initially sign up is the hardest part of the process. You can always move to a new server, if it feels better than your current one. We’ll get into that a bit later.

Example of the Mastodon Instance picker in action

For better or worse, Mastodon’s own instance picker is pretty decent, and gives you a lot of variety. In my opinion, it doesn’t really matter where you end up. You can still demonstrate your whole yourself, even if you hang out on a themed server. It’s not difficult to start out on a place like mastodon.social or mastodon.online, and then migrate to somewhere more interesting.

Checking Instance Details

Before signing up to your server of choice, take a good look on that instance’s About page. Server details can always be found by clicking the “Learn More” button. You can see an example at: https://mastodon.gamedev.place/about

The About page of Mastodon Gamedev Place,

A well-moderated instance will have fleshed-out details describing the server, its community rules, and how it acts towards particular problem-child servers.

The Moderated Servers section is of particular note, because it lists what policies other servers are treated by. Generally, these are problem-child instances whose own rules don’t align with this servers. there are two statuses: Limited, and Suspended. If a server is Limited, you can still follow accounts, they just won’t show up on the Federated timeline. If a server is Suspended, federation with them will not work at all.

Getting Verified

The first thing to do after signing up is to get verified. Verification works a little bit differently than on Twitter. Instead of having a company verify who you are, the main way to prove your identity is through your website.

By default, Mastodon provides four custom metadata fields for an account. These can contain information of any type, but most often denote accounts on other websites. There’s also an HTML snippet that links back to your profile. Mine looks like this:
<a rel="me" href="https://social.treehouse.systems/@deadsuperhero">Mastodon</a>
Basically, it’s a normal HTML link to my profile, but it uses a property called rel=me. In a nutshell: putting this link on a webpage and pointing one of your account fields at the page will cause Mastodon to validate the link. It sees that rel=me and says “Oh yeah, this person’s profile really did make this page, because the link exists there.”

Validating identity through a personal website or other accounts is a great way to say “here’s my proof, I am who I say I am” in a large federated network.

Got Any Usage Tips?

Simple Mode vs Advanced Mode

One other thing you ought to decide early on is what mode you want Mastodon’s interface to take. Mastodon ships with two of them: Simple, and Advanced. Here’s what they look like, for sake of comparison:

Your feed in Simple Mode

Simple Mode is relatively Twitter-like, and it works just fine for those who want that experience. You get a singular timeline of everything sorted in a chronological order. The upside is that posts and profiles are bigger, because of a greater amount of space available.

The multi-column insanity of Advanced Mode

Advanced Mode gives you a multi-column view that’s reminiscent of TweetDeck. It’s the original interface that Mastodon shipped when it first launched. Honestly, it’s really good, and I prefer to use the network this way. Being able to see my home feed, notifications, and DM’s in one place is really convenient, and being able to create individual feeds for tags or lists allows you to keep eyeballs on multiple things without having to navigate away.

Accessibility Features

Before we dive into all of the cool stuff that you can do, it’s important to talk about Acessibility Features. Accessibility is a huge part of fediverse culture and a prerequisite for many users with disabilities.

Media Captioning

Captioning your images, audio, and video attachments in Mastodon is a huge part of the culture. Many users on the network rely on screen readers to parse their feeds. Not everyone has the ability to see images, watch videos, or hear audio. You’re doing those people a huge favor by adding alt text to these things prior to posting. To add a description, simply click Edit on any image thumbnail. Type your description, then click Apply.

• A picture, just after attaching it to a post
• Hover the mouse over the thumbnail, and click “Edit”
• A window will pop up with a text field for a detailed description, and you’ll be able to set the focal point for the thumbnail on the right.

There are a few tools at your disposal to make your life easier. One such feature is the “Detect text from picture” option that shows up. It only really works with screenshots that have a lot of text on them. Things like captions on memes don’t work so well – but it can do a fine job of transcribing lengthy notes.

“Detect text from picture” does a great job at transcribing text in images, but only if there aren’t a lot of other visual elements in the image.

After that, the text you entered will go into a special part of the image, and can be read by screen readers.

When you hover over any picture containing a caption, it will show the description. Screen readers can pick this up and read what it says!

Into the Network

Now that you’ve joined Mastodon, it’s time to explain some of the ins-and-outs of the platform. This might seem like a lot at first. Once you get a hang of the basics, it all clicks into place.

How do the feeds work?

Most fediverse platforms, Mastodon included, include four types of main feeds: Home, Local, Federated, and Public. These timelines basically show you different collections of posts based on what your server is aware of.

Various differnt timelines: Home, Local, and Federated

Home Feed

This feed consists of everybody you’re following, along with whatever hashtags you’re subscribed to. It’s generally the “main feed” that you’ll likely use most of the time.

Local Feed

The local feed is your server’s home feed, and shows every public post made by the people hosted on it. You can kind of think of it as your local town square. On large instances, this timeline tends to move very quickly. On smaller instances, it can be a very cozy way to see what’s going on in your community.

Federated Feed

The federated timeline could be considered the firehose of everything your server is currently aware of. Not only does it feature posts by you and the people you follow, it also includes posts made by people that other folks on your server also follow. This feed is generally the most chaotic and random, but can occasionally be great for discovery.

Public Feed

The public feed is a firehose of absolutely every status an instance is aware of, local or federated, that has the Public privacy setting. Public posts are visible to everyone, even people not logged in.

How do Privacy Settings Work?

Mastodon has limited support for privacy scopes on statuses. Other platforms, like Friendica or Hubzilla, have much more robust options that let you choose which of your contacts can see or respond to a specific post. Mastodon instead has something called scopes, and by default, there are four options: Public, Unlisted, Followers Only, and Mentioned People Only.

Public

The Public Scope is the most open and visible option for a post. Public statuses can potentially appear on all timelines, are visible to people on other servers, and can be seen even by people who are logged out.

Unlisted

The Unlisted Scope is much like the Public Scope, except that it only appears on the Home timeline. Unlisted statuses can still be boosted and replied to, and people with a link to the status can still see it. The key distinction is that it doesn’t appear on other timelines.

Followers Only

The Followers Only scope is effectively a private status, with the understanding that only your followers can read or respond to it. Private statuses cannot be boosted, and people outside of your follower group will just see that a status doesn’t exist.

Mentioned People Only

The Mentioned People Only scope is basically the equivalent of a DM. Basically, only the people mentioned in the message body can see or respond to a status with this scope.

How do I find people?

Joining any new network can feel a bit like a catch-22: for you to get the most out of this place, you need to find people and hang out here. But, you need to hang out here in order to find people.

Here are three approaches that work well for me:

1. Find Your Mutuals

I’m going to give you the bad news first: there were a bunch of great tools for figuring out who your mutuals are, but Twitter made a very bad decision about API pricing, and killed most of those apps. Supposedly, FediFinder might still work, but your mileage may very.

All you need to do is take that file you downloaded, and under Profile Settings, go to Import and export -> Import

The basic premise is that tools like FediFinder scan your list of followers and mutuals, and then compare those people’s accounts to Mastodon accounts that they’ve linked to. You can then upload that into an importer tool that lives in your profile settings. Provided the tool you used found some people, Mastodon will then queue a bunch of follow requests on your behalf.

2. Follow tags and post frequently

I dunno, this just seemed like an easy example tag?

One of the recent updates to Mastodon includes the ability for users to subscribe to Hashtags. This pulls a lot of tagged content into your stream from people you don’t follow, to show you a thing you might be interested in. Contrary to Twitter, Mastodon extensively uses hashtags as the main way to add posts to an index and help people search for stuff.

3. Explore the network!

There are a bunch of different ways to do this. At this point, there are community tools like Trunk, which lists a bunch of profiles under different interest categories. There are also specialized lists that are one internet search away, such as Mastodon for Academics, or Mastodon Journalists. These kinds of resources can help professionals rebuild their community graphs and connect with peers.

Prior to these tools existing, I used to rely on the “human crawler” method of discovery:

1. Find a server that looks interesting from the Mastodon Instance Picker. I like to make games as a hobby, so I went with Gamedev Mastodon.
2. Most Mastodon servers offer a User Directory. For example, the instance I looked at has one at: https://mastodon.gamedev.place/directory
3. Find an interesting account on there that seems active, and follow them.
4. Check out some of the people they follow, and some of the people who they’re boosting on their timelines.
5. Rinse and Repeat

How do I interact with people and their stuff on other servers?

Some newcomers get kind of confused about dealing with remote stuff, and are quick to classify it as “a clunky experience”. While the experience could definitely be better, there are a few key concepts that, if you learn them earlier on, can kind of help you understand how things are supposed to work.

The User Handle

The first thing to take note of is how usernames on Mastodon work. Each user account has something that looks a bit like an email address. This is called a handle, and it’s a unique identifier for what is called an actor, which is an account capable of federation. Alternatively, I’ve also heard people refer to it as a webfinger address, because the Webfinger technology is used to perform the lookup.

You can always figure out what your handle is by looking at your profile, right under your username.

My webfinger address, for example, is @deadsuperhero@treehouse.systems. Pretty much any profile on the fediverse follows this format of @user@domain.tld. This is helpful to remember: if you’re not sure what the full URL is to an individual account, you can always fall back to the handle.

The Search Bar

Most federated social networks rely on the search bar to pull in remote stuff. I think the primary reasoning is that, technically, you’re performing a lookup, and that counts as performing a type of search. In Mastodon, the search bar looks like this:

So, as an example, let’s throw my webfinger address in the search, and see what comes up.

It’s me!

If we click on that result, we can see a full profile, with any posts that our server knows about.

We can also do the same things with posts that our server doesn’t know about, by using the full post URL instead. Here’s an example for this post I made a while ago:

Okay, so we throw in a URL, and out comes a result! This is really handy for situations where you want to interact with something you saw elsewhere, but your server doesn’t have a copy to interact with.

Handy Browser Extensions

At this point, people have started developing browser extensions to work around some painful UX hurdles. The default experience for Mastodon kind of sucks when it comes to remote content, because other sites don’t really have a mechanism to log you in on their end.

As a workaround, there are extensions such as FediAct and Graze available for both Firefox and Chrome-based browsers. These extensions allow you to like, boost, and reply to statuses on other sites without having to navigate back to your Mastodon instance, and allow you to also follow people in the same way.

There’s also a great browser extension called StreetPass, which can figure out various people’s handles based on what websites you visit. A lot of people use their own websites to verify their identities on Mastodon, so StreetPass is able to pick up that data and put it on a list for you when you visit them.

How do I keep track of who is who?

I won’t lie to you: it’s a big network. A lot of people like to try out different instances and even different platforms at the same time. It can get a little difficult to remember which person’s account goes to which thing. There are two tools that can help with that: Notes, and Lists.

Notes

Every profile provides a Notes section. Only you can see the contents, and they’re simply kept by your account for easy reference.

A note I made for myself, from another account.

Lists

Lists are a less prominent feature in Mastodon, but I sometimes use them to organize fediverse developers and game designers into their own contact groups.

A list featuring Fediverse developers I know.

What’s cool about Lists is that you can use them to basically build a special timeline, and specify whether you’re just seeing top-level statuses, responses between members, or just everything posted by people on the list.

These timelines are really handy. They can help you narrow down the stream of posts to focus on what very specific accounts are talking about. For me, keeping track of Fediverse development is a big deal, so I’m happy to have this.

Apps and Frontends

Mastodon has a lot of apps, and I mean A LOT of apps. It’s very reminiscent of the early days of Twitter, where a zillion different kinds of clients existed, and they all geared for providing different experiences. Mastodon offers a pretty easy-to-understand API for client developers, and it’s so popular that a lot of other fediverse platforms like Pleroma have also implemented it, and can use the same apps.

Mobile Apps (Android and iOS)

There are so many great mobile apps for Mastodon. I can’t overstate how much this changed the game for the fediverse, which only had really terrible apps prior to 2016. Being able to interact with the network easily, without friction, on the go, really made the place more accessible at all hours of the day. I’m not going to name too many apps, but I’ll throw out a few great ones.

Tusky (Android, Free)

Tusky is, for all intents and purposes, one of the best clients on Android. It’s held that title for a long time. The UI is clean, the experience is buttery smooth, and it supports all of the features you would expect from the Web version of Mastodon. It’s great on the go, multi-account, and my go-to app after all these years.

Megalodon (Android, Free)

Megalodon is a fork of the official Mastodon app, but it adds in quite a few features that are missing from the official version: support for the Federated Timeline, post scheduling, and hashtag following are just a few of the many improvements this app brings in over its predecessor.

Ice Cubes (iOS, Free)

Ice Cubes is an exciting new app for iOS that offers a high degree of customization, custom colors, timelines, and more.

Ivory (iOS & Mac, Paid Subscription)

After shutting down work on the legendary Tweetbot, the Tapbots company went ahead and developed and incredible new app for Mastodon called Ivory. It really demonstrates their app design expertise.

Toot! (iOS, $3.99)

Toot! is a unique standout from most of the other ones listed. One really positive upside is how the client approaches complex threads with many replies, where each sub-thread is denoted with a different color.

Web Frontends

Because the Mastodon API is open, and free for anyone to implement, there are also a fair share of alternative web frontends that you can use in the browser, if the default one doesn’t suit you.

Elk

Elk is an incredible project to build a more Twitter-like frontend while making accessibility a top concern of the design process. There’s a public demo on elk.zone you can try out with your account.

Semaphore

Semaphore is a continuation of Nolan Lawson’s excellent Pinafore project, and continues to focus on being lightweight, easy to use, and fast.

Cuckoo Plus

Cuckoo Plus is a clone of the Google+ web interface, and does a pretty convincing job. The only downside is that the client does not currently support Circles, which was a big part of the original Google+ experience.

Brutaldon

True to its name, Brutaldon is a client made with brutalist design tendencies. It’s dead simple, uses no javascript, and even works well in text-based web browsers like Lynx, w3m, and elinks.

Dealing with Unwanted Posts, Conflict, and Trolls

You may have heard some people talking about how Mastodon is so much nicer than Twitter. In some ways, that’s absolutely true: there are massive hobbyist communities, people are all too willing to wear their hearts on their sleeves and be authentic, and people are out there sharing and joking and creating things and having a great time together.

But, the fact remains: this is still the Internet, and there are assholes everywhere. Even on this fabulous new network. In fact, I won’t sugar coat it: some spaces on the network are outright hostile, in that they are racist, sexist, homophobic, transphobic, and fascist. Some people are utterly vile, and hang out in spaces that enable them. Others are just petty, and want to stir up drama. Whatever the case may be, here’s a few tips to ensure that none of those people ruin your day.

Filtering Your Feed

One really great quality-of-life feature that newer releases of Mastodon have is the ability to simply filter out stuff you don’t want to see. It doesn’t even necessarily have to be over-the-top, egregious stuff. For example, maybe you’re just tired of seeing posts about Elon Musk in your feed.

The filters screen. Each filter is capable of accepting multiple keywords or phrases in them.

In your Settings, under the Filters category, you can set comprehensive rules on whether or not to hide stuff. You can choose to either cover qualifying posts with a Content Warning, or opt to take that stuff out of your timeline completely. Each filter can have any variety of keywords in it, pertaining to a subject based on keywords in the post body.

Just some examples, I don’t really filter much.

Muting vs Blocking

Occasionally, you’re going to have people in your mentions (or your timeline) that’s just posting in a way that doesn’t suit you. Maybe they’re just being a bit obnoxious, or maybe they’re posting a marathon of text about something you’d rather not see right now. There are two tools for handling this, based on how things escalate: Blocking and Muting.

Muting

Muting can be considered a soft block that you can set a duration on. This person is still technically following you, and can see your posts. The important thing is that you won’t see anything from them for a while. This method is useful when you think somebody needs to cool down, without cutting off the relationship entirely.

Blocking

Blocking is more encompassing, in that a person won’t be able to see or interact with you. You won’t be able to see them, either. It’s basically a way for each of you to pretend that the other person doesn’t exist.

Undoing Blocks and Mutes

Muted Users, Blocked Users, Blocked Domains
Every now and then, you’ll need to undo a block or a mute. Maybe you clicked the wrong thing, maybe that person made public amends, or maybe that marathon of the show they watch finally ended. The good news is that you can manage these things in your own user menu, on your profile page.

Reporting Bad Actors

Sometimes, an otherwise good instance might suffer from a handful of bullies hanging out on it. This is definitely a possibility when it comes to very large instances, with small moderation teams, that happen to be open for public registration. Their moderation team can’t possibly see everything on their own, but filling out a report can help triage between moderation teams.

Blocking a Domain

Sometimes, the dynamic might be the opposite of the last one: maybe there’s some good people on the instance, but the admins and mods are either too lazy to do anything about bad behavior, or actively encourage it.

If your reports are going ignored by the receiving server, and you don’t want to play whack-a-mole with a bunch of different people over there, your best option may be to simply block the domain.

#Fediblock

Fediblock is an ongoing conversation that exists under the #fediblock tag on any instance. It’s an informal way for people to talk about instances with particularly bad policies, problematic communities, and poor moderation, and serves as an advisory for server admins about what domains and/or accounts they should probably think about blocking. If you see an instance that’s repeatedly ignored your reports or engaged in malicious behavior, making a post with the #fediblock tag is probably a good idea.

Moving to a New Server

At some point, you’ll make the decision to move to a new Mastodon instance. The good news here is that you can hook your new account up to your old one, and run an import process. Your old account will get marked as Archived, and your followers and followers will get carried over to your new account.

The layout is a little confusing, but all you need to do is: set up a new account somewhere, and point your two accounts at each other before initiating a move.

Move from a Different Account

After you’ve signed up to a new instance, go to your Account Settings, and click “Moving from a different account“. You’ll be taken to a screen to set up your account alias. Type in the fediverse handle of your old account, and save it here. Afterwards, switch back to your old account for the next step.

Move to a Different Account

Log back in to your old account, and navigate to the Account Settings on there. This time, we’re going to click “Move to a different account“. Type in your new fediverse handle and password, then click Move Followers.

After you’ve done this, your followers will transfer over to your new Mastodon account, and your old one will be set up as a redirect that points to where you are now.

That about sums it up! We hope you’ve enjoyed this guide and maybe learned a useful thing or two, and that it helped you in trying out Mastodon for the first time!

https://wedistribute.org/2023/07/mastodon-newcomers-guide/

#fediblock #fediverse #Mastodon

To all Fedi Admins currently being hit with a spam wave:

Defederate from these instances:

[Full List of Affected Instances Here]

Limit first, defederate only in worst situations!

Reconsider re-federating with any of the mentioned instances once the spam is mitigated. The admins of some of these may have just been asleep when this all started.

Ban Spam Accounts via their E-Mail Domain

Block the following E-Mail Domain and whatever temp Mail provider it resolves to: chitthi.in

Just to be safe, block these ones too (same provider)

• mailto.plus
• fexpost.com
• fexbox.org
• mailbox.in.ua
• any.pink

All our spam accounts came from these E-mails.

Since you probably have some of these accounts sleeping:

https://[your-instance.tld]/admin/accounts?email=%25%40chitthi.in there just select all and press “Ban”.

Find Remaining Spammers

I've seen instances that fixed the spam issue but began being hit later again. The spammers might use new E-Mails, so here is a way to find and block them anyway:

https://mamot.fr/@vincib/111946701929274350

IP Bans and TOR

These spammers seem to be using the TOR Network as all of their IPs are TOR Exit Node IPs, hence an idea (with some collateral damage if executed) would be to ban all TOR exit node IPs for sign ups. I am personally against this idea as you'd also prevent users who simply wish to stay anonymous online (political refugees, leakers of important documents, etc.) from using your platform. For now, simply banning every user using a particular Spammer IP will not help and will merely ban users that try to stay anonymous! Not necessarily the spammers.

How To Block All Temp E-Mails in the Future

If you want to prevent this from ever happening again, you should block E-Mails from Temporary Mail providers all together:

• Here is the list of all Temp email providers (there are both blocklist and allowlist)
• Here how to install it in Mastodon
• The script that automatically pulls the list via Cronjob and imports it into Mastodon
• Script template

Because of this, hessen.social, for example, was not affected by the spam attack! They had already banned the email domain the spammers used ages ago.

In future updates on Mastodon, maybe Admins can simply click a button that says “Ban Temp E-Mail Providers” Automagically from the E-Mail Menu? There could be E-Mail categories that can be banned, such as temporary mails.

Why did this happen?

We're probably all looking for answers as to why this spam wave happened to begin with. As much as I do not want to believe this was the real reason hundreds of us spent hours of our day today on mitigating this issue, here is a real explanation on why this spam wave came to be:

Part 1:
https://fedi.fyralabs.com/notes/9psdqurvye
Part 2:
https://fedi.fyralabs.com/notes/9psnooe6p1
Part 3:
https://fedi.fyralabs.com/notes/9pth6oh3xr

As noted, @cappy is working on a full exposé regarding the origin of the February 16th Spam Attacks. I'm patiently awaiting their work's publishing!

Good luck, everyone!
Thanks for participating in the Fediverse Experiment!

#FediBlock #FediAdmin

Happy Pride! Today, we’re digging into the roots of the fediverse – the many queer, trans, and non-binary people who helped build the Fediverse.

A (partial) queer, trans, and non-binary history of Mastodon and the fediverse

“way back, at the beginning of mastodon’s rise to what it is now, queer activists, be they just a stranger with a keyboard, new to the social media site, weighing in on a topic on the public timeline, or me, someone actively attempting to be the middle between the most vocal voices, and tangible, meaningful change through gargron’s code, and github focused writing and activity, people were queer. they were marginalized, to some extent. people who weren’t comfortable with the status quo, so we changed it.”

hoodieaidakitten, Mastodon’s Complicated Relationship with Queer Activism, July 2018

As a trans woman on the internet, my work with Mastodon has always been about more than just social media—it’s been about keeping people alive.

– Margaret KIBI, Fringe Mastodev – Part II, September 2018

“I cannot count the number of people who I’ve seen and followed…on Mastodon and then come and realize more things about their gender identity, their sexual orientation, their different community markers.”

David Wolfpaw, founder of the tech.lgbt Mastodon community, quoted in Can Mastodon be a Twitter Refuge for Marginalized Groups, November 2022

“Queer people built the Fediverse.”

Christine Lemmer-Webber, co-author of the ActivityPub standard that powers Mastodon and the fediverse, quoted in Mastodon—and the pros and cons of moving beyond Big Tech gatekeepers. In the article, Lemmer-Webber notes that four of the five authors of the ActivityPub standard identify as queer.

Ever since Mastodon started in 2016, queer, trans and non-binary people have helped build it and the interconnected web of decentralized social networks known as the “fediverse.” Today there are dozens or even hundreds of LGBTQ-focused instances,1 and even many of the instances that aren’t specifically for the community are welcoming. Which is good!

People telling the Mastodon origin story usually acknowledges the queer influence. Carl Miller’s Who commands the internet? (from 2018), for example, quotes Mastodon’s BDFL (Benevolent Dictator for Live) Eugen Rochko on the early growth:

“Queer people joined”, said Eugen, “and Furries. It comes in waves.”

Still, very few people I talk to know realize how extensive queer contributions have been – and how much tension there’s been around them. Mastodon: a partial history has a lot of quotes and links to first-person experiences, but they’re scattered throughout it – and it ends in late 2022. So to celebrate Pride, I figured I’d expand on that and also highlight a few of many areas where the impact continues today.

First, though, I want to emphasize that this is a partial history. A lot of people who have made major contributions aren’t here, either because they’d prefer not to be listed (and with queer, trans, and non-binary people under threat everywhere, who can blame them) – or just because I don’t know about them. The names of the people who have made the key contributions have been largely erased. As Sasha Costanza-Chock says in Design, power, and justice:

“[P]eople are often marginalized from the stories we hear about the creation of new tools. Social movements are often hotbeds of innovation, but their contributions aren’t always recognized.”

So my apologies to everybody who isn’t here, and if there are others who should be listed, please check with them if they want to be and if so ask them to let me know.

And speaking of marginalization …

“[T]he first thing that I want to make clear is that Mastodon has a history of being inhospitable to marginalized users.”

Dr. Johnathan Flowers discusses in The Whiteness of Mastodon

In The Whiteness of Mastodon Dr. Flowers focuses on Mastodon’s long history of whiteness and racism, also present in much of the broader fediverse. This marginalization impacts Black, Indigenous, and other queer, trans, and non-binary people or color as well; and many queer, trans, and non-binary people fall into other categories — disabled people, sex workers, people from the Global South — that are also largely excluded from Mastodon’s power structure. As Dr. Flowers highlights, many Mastodonians use the very positive contributions of queer people as a shield against critiques or discussions of the platform racism and overwhelming whiteness. Please don’t do that!

And despite all the major contributions they’ve made, queer, trans, and non-binary people of all colors have also been marginalized in Mastodon. The stories of their contributions are rarely told and when they are it’s rarely from a queer perspective, leading to the erasure I talked about above. And Mastodon and the fediverse have gotten big enough that there’s more and more money and other opportunities floating around. how much is going to queer, trans, and non-binary people? This is something that really needs to change going forward.

And it’s also something to keep in mind when thinking about the history of Mastodon and the fediverse, because it highlights how challenging the environment was for the people making these amazing contributions!

Mastodon’s early days

“When everyone joined there wasn’t per-post privacy or CWs or anything that people associate with Mastodon today. The new wave of queer users came up with, designed, pushed for, and implemented those features.”

– Shel Raphen, former Mastodon volunteer coordinator, project manager, and community manager, in Ana Valens’ Mastodon is crumbling — and many blame its creator (2019)

Rapid queer-led community innovation discusses Mastodon’s first major growth spurt culminating in the breakthrough month of April 2017. Here’s how I summarized it:

Mastodon in early 2017 was hella queer, and the queer volunteers who helped create Mastodon made an incredible amount of progress in the first half of the year

In Mourning Mastodon, Allie Hart links links to github artifacts for the implementation of locked accounts, private toots (as posts were called at the time recently), blocking, muting, and reporting from the time. Conent warnings (CWs) and instance blocking, a powerful technique helping admins and sites protec themselves from bad actors, was also driven by queer and trans people. As I said when discussing this in an April 2017 presentation on Transforming Tech with Diversity-Friendly Software, on open-source projects people can implement the functionality they want and need.

But as the titles of Mourning Mastodon and the followup Mourning What Now?!?!, it wasn’t all good. As Hart said,

“The recent influx of users to the platform has brought with it new contributors and an expanded revenue stream that has rendered the original nearly obsolete. Queer users could leave en masse without harming the project’s survivability, which means that the reciprocity of their relationship has been terminated — queer users still depend on the project, but the project no longer depends on its queer users.”

hoodieaidakitten has a similar perspective in Mastodon’s Complicated Relationship with Queer Activism

“things changed, because more and more people comfortable with the status quo followed. we queer activists rapidly became the subset that originally came, the marginalized. the minority.”

Things came to a head in The Battle of the Welcome Modal. Many new arrivals (including me) found Mastodon confusing in April 2017. As Valens describes Mastodon is crumbling — and many blame its creator, Shel Raphen – who was doing an outstanding job of project management in a very difficult situation – designed a welcome modal to help with onboarding. Rochko harshly criticized the design and made significant changes that Raphen “broke the pedagogy and curriculum built into the design of the onboarding modals,” which had been reviewed and approved by various other contributors.

Valens describes the incident as “A breaking point for the queer community” and that’s how I remember it too. On the other hand, flawed as it was, the welcome model was also successful, although not as much so as it would have been otherwise: it did in fact reduce a lot of confusion for new users. Unfortunately, progress stalled on onboarding after the Battle of the Welcome Modal, and it remains a problem today.2

Of course, queer people didn’t go away. Creatrix Tiara’s Mastodon 101: A Queer-Friendly Social Network You’re Gonna Like a Lot on Autostraddle later that year brought more queer users, and the number of LGBTQ+-focused instances continued to increase.

And innovation didn’t go away either.

In the private discussions with @bea … I explained that I had actually stopped doing Mastodon development, given my past history with it and the way it had treated its queer contributors. She responded that she had heard that a lot, thought it was sad, and was actually trying to pull together a fork of the software, as a space for queer devs who had been pushed out of mainline Mastodon development. Her focus, she said, was on trans women, and creating a safe place where their contributions would be heard.

Margaret KIBI’s Fringe Mastodev – Part III: Joining GlitchSoc,

The Glitch-soc fork (variant) of Mastodon continued to take the lead in introducing tools to protect users by implementing “local-only posts” in June 2017, an innovation that has since been adopted by other forks like Hometown and most other fediverse software (although still not by mainline Mastodon, so it’s not available on most large instances).3 Glitch-soc also was the first to implement user‐defined profile metadata, collapsible statuses, user controlled layout, and images inside CWs,. Today, Glitch-soc is the most widely-deployed Mastodon fork, and is used by hundreds of Mastodon instances.

Ongoing contributions – often without credit

Queer, trans, and non-binary people continue to make major contributions – often without being credited or acknowledged. A few examples:

• Artist Marcia X created the #FediBlock hashtag for admins and users to share information about instances spreading harassment and hate, and long-time Mastodonian Ginger immediately helped by spreading it to faer networks and normalizing its use. In 2022, this hashtag remains an extremely valuable resource. However, various “fediblock” sites and accounts have popped up over the years without any credit – or compensation – to the original creators.
• In May/June 2018, the initial implemention of trending hashtags – with no ability for site admins to turn the feature off – led to a firestorm of criticism from people who saw it as clashing with Rochko’s claim that Mastodon had “a focus on user experience and anti-abuse tools.” As maloki said, “You can’t have anti-abuse tools by actively creating tools that are very likely to be used for abuse, without consulting people who know and understand anti-abuse.” Cassian’s I left Mastodon yesterday and hoodieaidakitten’s Mastodon’s Complicated Relationship with Queer Activism have some additional discussion. The feature was eventually removed, and an improved implementation was released in 2019.
• August 2018’s Battle of Wil Wheaton highlighted the strength of Mastodon’s LGBTQ+ community in responding to the arrival of a celebrity who had caused a lot of harm to trans people. workingdog_’s Twitter thread provides important context ommitted from most mainstream narratives. Wheaton left the platform as a result, and Rochko posted that he was unhappy with how the situation was resolved. As Nolan Lawson discusses in Mastodon and the challenges of abuse in a federated system, the Battle of Wil Wheaton certainly highlighted the need for improvement in Mastodon’s moderation tools. Five years later, though, the moderation tools haven’t improved significantly.
• Solstice School is a free, online, interdisciplinary conference for the Fediverse, now in its fourth year, hosted by Scholar Social. Past topics include spiders, frugal computing, Afro-Indigenous phenomenology, and data (im)permanence; this year’s topics look just as interesting. As far as I can tell, though, none of the articles about academics exploring Mastodon or the fediverse have ever mentioned it.
• Volunteer moderators are the lifeblood of the fediverse – and a lot of them are queer, trans, and non-binary. Moderation is much more challenging in a decentralized environment, and Mastodon’s moderation functionality is much weaker than is typically found on forums or Facebook, but thanks to the huge amount of effort by (and I cannot stress this enough) unpaid volunteers, some Mastodon sites are so well-moderated that people describe it as a significantly better environment than Twitter. On the other hand, moderators can also be the targets of abuse; in Can Mastodon be a Twitter Refuge for Marginalized Groups, Marcia X describes the harassment campaign— including stalkers, bots, and denial of service attacks – that targeted playvicious.social, leading to the instance shutting down because “our safety was starting to become a real risk and also our mental health for that matter.”

The fediverse is a lot bigger than just Mastodon!

Even though Mastodon has gotten by far the most publicity, it’s only one part of the fediverse. Here’s just a few of the many queer, trans, and non-binary contributors making contributions to other branches as well.

• Daniel Supernault, who’s lead developer on Instagram alternative Pixelfed, one of the fediverse’s most successful offerings, and also started the incredibly valuable FediDB and fediverse.info sites
• Christine Lemmer-Webber, who along with the team at Spritely Institute is developing Spritely Goblins, a distributed object programming environment with time travel debugging and a capability-based model that addresses some of ActivityPub’s biggest weaknesses.
• Kainoa, who’s lead developer on Calckey (a fork of Misskey), which has substantial additional functionality beyond Mastodon as well as a much more vibrant user interface
• Kaity A, who’s lead developer of Hajkey (a fork of Misskey), and along with Ada is admin of LGBTQ+-friendly instances blahaj.zone and lemmy.blahaj.zone.
• The developers of GoToSocial, who are creating a lightweight, customizable, and safety-focused entryway into the Fediverse.
• alyaza, Gaywallet and the other moderators of beehaw.org, who are are using Lemmy link-aggregation software to create a community that “cultivates a sense of real belonging to something” and hosts a very active LGBTQ+ community.
• Hariette, who’s helping to push the Threadiverse to the moon by creating Artemis, a feature-rich, fast, and stunning app for kbin and Lemmy entering beta testing later this month.

Looking forward

https://fedipact.online/, created by trans enby girl lesbian gender terrorist vantablack
As always, it’s interesting times in the fediverse. As Rochko said, it grows in waves. Millions of people created Mastodon accounts late last year in the wake of Twitter’s acquisition by a transphobic, racist, techbro. Some of them liked it enough that they stayed around; quite a few of them are queer, trans, and non-binary – including George Takei, who with over 386,000 followers may well be the most-followed person in the fediverse!

We’re in the middle of another wave right now, with fed-up redditors looking for alternatives in the wake of Reddit’s decision to shutting down third-party apps and ham-fisted response to the protests checking out kbin (an interesting hybrid between Reddit and Twitter) and the aforementioned Lemmy – including people from big trans subreddits which are a critical source of support and knowledge for so many people.

And we’re going to continue to see new waves, because as always, queer, trans, and non-binary people are under siege on other social network. Twitter’s now saying “cis is a slur” and threatening to turn off blocking functionality. Facebook’s parent company Meta is introducing a Twitter competitor then again Anti-Trans Hate Is Absolutely Rampant on Facebook, Transgender Facebook is content dominated by right-wing sources, and Facebook and Instagram parent company Meta’s Nudity Policies Discriminate Against Trans People (as they have for years). So people will keep looking for alternatives.

Speaking of Meta’s Twitter competitor, it’s reportedly going to be compatible with Mastodon, which is another reason it’s such interesting times in the fediverse. As Anti-Meta Fedi Pact creator vantablack says in Why Block Meta?,

try being trans and on facebook, having a list of common suicide methods sent to you by a bigot, and reporting it. they’ll do goddamn nothing. a real, personal, and depressingly common example

Opinions are mixed in the fediverse about how to react to Meta’s potential arrival, but it’s not surprising a lot of trans, queer, and non-binary people don’t want them here. Of course, we’re not the only ones who doesn’t want Meta here; hundreds of instances have already signed the Anti-Meta Fedi Pact vantablack created just a week ago. In FediPact is an Organized Effort to Block Meta’s ActivityPub Platform, vantablack says

I will do everything I can to stop them from burning down the beautiful community we’ve spent over seven years cultivating here.

And she’s clearly not the only one who sees it that way. Still it’s very much in keeping with the fediverse’s history that many of the initial signers of the FediPact are from trans-, queer-, and LGBTQIA2S+-focused instances.

Of course, opinions also differ within queer, trans, and non-binary communities as to how best to respond to Meta’s arrival. As with so many other topics when straight people say “what does ‘the LGBTQ+ community’ think of this issue,” the answer is “it’s complex.” We’re here, we’re queer, fuck Facebook (or whatever they’re calling themselves these days) has more — including a couple paragraphs for allies advocating for working with Meta that are worth repeating here:

It’s a great opportunity to show solidarity. One good starting point is to complement sharing your own opinion with taking the time to listen to, understand, and fairly represent the more marginalized voices who are a lot less likely to be heard – and engage with their criticisms instead of dismissing them. This is especially important for instance admins who want their instances to be seen as LGBTQIA2S+-friendly, employees of surveillance capitalism companies, and cis and/or straight allies with influence in the fediverse.

And allies at surveillance capitalism companies, or instance admins who are allies and have queer and trans moderators, please please please avoid the temptation to rely on your LGBTQIA2S+ colleagues to do the all work or ask them to speak for their entire communities!

One way or another, Meta’s potential arrival is likely to lead to big changes in the fediverse. In chaos there is opportunity! discusses a positive outcome, where resistance to Meta’s arrival catalyzes needed changes in the fediverse. If that happens, we may well see another burst of queer-led community innovation, this time more diverse in other dimensions as well. Perhaps the marginalized people who make key contributions will also get some recognition and more access to jobs and funding. Hey, it’s Pride, might as well be optimistic.

One way or another though, queer, trans, and non-binary people in the fediverse are going to play a big role in shaping the future. Let’s take a moment to appreciate how different this is from the situation on any of the the big commercial social networks! And while we’re at it, let’s also take a moment to appreciate all the queer, trans, and non-binary who have helped create Mastodon and the fediverse as they are today.

Happy Pride!

Notes

1 “Instances” is the term used for different sites that run Mastodon or compativle software. Danielle Navarro’s Everything I know about Mastodon is a detailed introduction to Mastodon; while aimed at data scientists, it’s useful for everybody.

2 Both of the latest attempts to streamline onboarding result in new queer and trans people looking checking out Mastodon signing up by default on the flagship node mastodon.social instead of any of the many thriving LGBTQ+-focused instances. It’s almost like they don’t want queer and trans people to find their community!

3 If you’re thinking that mainline Mastodon’s refusal to support this valuable anti-harassment functionality doesn’t align with the stated values of being a platform with less harassment than Twitter … you’re not the only one. Does Mastodon really prioritize stopping harassment? has several other examples.
_________________________________________________

Jon Pincus is the founder of the Nexus of Privacy newsletter, author of Mastodon: a partial history, and a software engineer / entrepreneur / strategist and activist who focuses on justice, equity, diversity, inclusion, and intersectionality.

#fediblock #history #Mastodon #nonbinary #queer #trans

https://wedistribute.org/2023/06/a-partial-queer-trans-and-non-binary-history-of-mastodon-and-the-fediverse/

updated Soapblock list for today with 125 new entries: https://github.com/VyrCossont/Soapblock/blob/main/soapbox.csv

note that the only criteria for the Soapblock list is ongoing detection of a Soapbox backend or frontend on the instance domain or one of its subdomains. if you're aware of an instance running Soapbox which is not on that list, please let me know; likewise, let me know if you believe an instance is no longer using Soapbox anywhere and should be removed.

the scanner source will be published when i get around to it, but meanwhile, any entry on the list can be independently verified by anyone by visiting the subdomain mentioned in the blocklist comment.

background: Soapbox is TERF software. the developer, Alex Gleason, is open about his transphobia. he has worked for hate sites Gab and Truth.social to get funding for Soapbox. most of the Soapbox flagship server list has been banned from mastodon.social due to hate speech and/or specifically transphobia, and are also on the Oliphant T0 list. do i really need to paint more of a picture?

to the people who will inevitably respond "separate the software from the author": software is a process with a community attached. it's never just software. Soapbox is a TERF's resume. you run it, everyone knows you've decided to look the other way and work with Gleason and that community for software updates, further enabling hate speech. if you actually plan to fully separate, look to Akkoma's example: hard fork, rebrand, and set a code of conduct.

keep TERFs off Fedi.

#Fediblock #Soapbox #Soapblock

PSA: It looks like mastodon.social has implemented hCAPTCHA on their signups yesterday.

So, if you have limited / suspended mastodon.social because of the spam issue, you may wish to reconsider this.

This will also likely mean that spammers will move to different instances (already seeing them targeting mastodon.world).

You may wish to consider implementing hCAPTCHA yourself to protect your own instance, and here is the relevant PR:

https://github.com/mastodon/mastodon/pull/25019

The reason I'm suggesting this, is because if you are a small/medium instance with open registrations, and spammers find and abuse your instance, I imagine that other instances will limit/suspend your instance without hesitation, given how willing some were to limit/suspend the much larger mastodon.social.

But do note this comment on the PR:

“To give some context to people seeing this: this is an emergency feature backport from Glitch SOC to help mitigating an ongoing spam wave, this feature may not make it in a next release, or with significative changes.”

#MastoAdmin #FediAdmin #fediblock

Edited to add: multiple people have rightly commented on the accessibility concerns with hCaptcha: hCaptcha is really really really bad for blind and visually impaired people.

Please have a look at this excellent reply for more details:

https://dragonscave.space/@Mayana/110383119877022255