Avatar
jb55 1y ago

Thinking about a noteguard filter that broadcasts nostr notes of the IP address of bots that spam my relay. Then other public relays could read that note and add it to their block list automatically (if they trust me).

Or could be at least be interesting as a diagnostic tool, could follow that account to monitor attacks.

Would be happy if the person spamming me right now gets banned from all public relays. Spammers don’t get censorship resistance on public relays, sorry. nostr:note14dq8aa4whf3wh6ud3qda60qjmmpnddukfu8mnxm0pfu8e3egkp2sqq36ez

Reply to this note

Please Login to reply.

Discussion

Avatar
cr0bar 1y ago

Like it! 👍

Avatar
Sad 0shi 1y ago

No solutions only trade-offs.

Avatar
7fqx 1y ago

I've seen this 'rainbow spam' stuff on a few notes, seems to be on trending/popular notes, no? I think it's more than just you. Your posts are popular tho lol

Avatar
jb55 1y ago

i have 6 spam notes in my notifications per minute

Avatar
jb55 1y ago

You can only really do this if it was a targeted attack due to my ip based relay rate limits, but it’s possible its slipping through via other relays. I will test this

Avatar
7fqx 1y ago

No sure I get it. But I was just saying it may not be specifically targeting you/personal. Doesn't make it less annoying or anything lol. But I suppose it's just not someone who hates you, so that's... something :) ¯⁠\⁠_⁠(⁠ツ⁠)⁠_⁠/⁠¯

Avatar
jb55 1y ago

Based on analysis of all the incoming spam on my relay it does specifically targeting me, the replyguy spam is not effective on my relay due to rate limits, but targeted attacks are still possible.

Avatar
7fqx 1y ago

Ok, I'm just guessing here cos I've also been seeing it on on vitor's post and fiatjaf's. The rainbow impersonation stuff?

Avatar
jb55 1y ago

What do you mean by rainbow?

Avatar
7fqx 1y ago

That's the spam I'm seeing. Let me get a screenshot as an example

Avatar
jb55 1y ago

Oh interesting, i see its targeting vitor and fiatjaf as well. I will turn off all other relays and see if its some specific relay not stopping it

Avatar
7fqx 1y ago

I'm seeing this sort of thing a lot. Impersonator rainbow spam.

Like impersonator accounts that repost old notes maybe (?) with lots of rainbows in the text.

It seems to be on popular notes / accounts.

Avatar
jb55 1y ago

I assumed it was just me because they aren’t adding lots of p tags which would have been smart, but maybe that would be easier to block

Avatar
jb55 1y ago

I guess 6/minute ratelimit is still not enough to stop this. Even on a slow drip its still annoying. Next thing will be tracking numbers of notes per ip i guess and blocking the ones that are doing this.

Avatar
Wondrej 1y ago

It's kinda tradeoff, bcs i as not that popular npub could be counted as a spam if i post lot of notes i guess.

Avatar
jb55 1y ago

Only if you post more than 6 times a minute persistently

Avatar
Wondrej 1y ago

Yeah, hope thats okey. Sometimes when im high i post like 4 notes in minute, or to be complete- 4 comments, idk if comment counts

Avatar
Sjors Provoost 1y ago

That sounds more reasonable from a privacy point of view, only broadcasting IP addresses with some reasonable suspicion.

Relays can use that info directly, but clients could also tell their relay to filter from a given IP address (though that's a bit dangerous as an attacker could use it to confirm that an IP address is used by some npub).

Avatar
ʸ₿ 1y ago

垃圾邮件发布者在公共中继中应该受到审查抵制!

Avatar
hzrd149 1y ago

This could also help normalize relays having npubs of their own :)

If you built something like this I'd love to build a simple dashboard for it in noStrudel

Avatar
jb55 1y ago

yeah I definitely want relay pubkeys, not sure if there is relay metadata for that yet

Avatar
hzrd149 1y ago

There is a pubkey field in nip-11 but its for the owner. Although depending on how you look at it you could consider the npub that is moderating the relay the "owner"

Also nip-66 has support for relays that are addressed by their npubs

Avatar
someone 1y ago

i thought about this in the past. the danger is centralized banning.

Avatar
jb55 1y ago

The relay is accountable in this case, if i broadcast a note that censors a legitimate user there could be a public investigation and people would no longer trust my ip ban lists. Still tied to trust and reputation.

Avatar
someone 1y ago

if a legit user and a spammer uses the same vpn, the legit user will be banned in more places than 1 relay

Avatar
jb55 1y ago

VPN users should probably not be using public relays, vpns will likely banned eventually due to spammers

d6
nobody 1y ago

That’s a bummer. I always connected thru Mullvad.

Avatar
jb55 1y ago

just use a paid relay like nostr.wine or the damus purple relay when its out.

d6
nobody 1y ago

Purple relay would be nice. Don’t wanna pay just for the relay service at this stage.

Avatar
stove5 1y ago

Won't spammers generally use cloud resources? Or are we including those in the VPN group?

Avatar
jb55 1y ago

I suspect it will get to that stage, and then I will have to start temp banning ip ranges.

Avatar
Ross 1y ago

Total transparency of relay filters helps address this because everyone involved has access to the same information.

Relay operators are not trying to suppress information without others knowing.

Avatar
rustyspark 1y ago

What if you did a combination of a block List and allow List? so the users can subscribe to your list by default in your platform but then they could submit a set of users or IP to their personal allow list on their client and it permits these to come through or you could reference their followers if they’re following somebody you’ve blocked, you could allow that to come through. If there’s inappropriate person responsible because they specifically added it to their list.