Interesting! We’ve had quite a noticeable spike of sign-ups on lemm.ee as well

I think it’s not really on your side, most likely either just something wrong on kbin.social itself, OR a side-effect of the measures lemmy.world implemented against kbin.social recently.

They are basically local-only communities on lemmy.world at this point, unfortunately. There is no federation to any other instance for any lemmy.world user posts on those communities.

To be honest, neither Hexbear nor Lemmygrad has caused any noticable issues for lemm.ee. I recently compiled some stats for lemm.ee rule breakers by home instance, and as you can see in this post (in the “Administration” section), neither of those instances even made the top 10.

In general, mods haven’t complained about those two instances either, and the stats for community bans by independent community mods are more or less very similar. If any users creates issues in a lemm.ee community, then the community mods are free to just ban those users, regardless of what instance their account is hosted on.

if fact I wouldn’t even be able to as my home instance is defederated from these instances and thus such posts would be invisible to me

Preventing such situations for lemm.ee mods is actually one of the many reasons we don’t want to use defederation as a moderation tool on lemm.ee - we rather use site bans etc. Too much collateral damage with defederation, especially when dealing with larger instances which probably have vastly more innocent users than problematic ones. We reserve defederation for more extreme cases, like spam instances & CSAM.

Hey, lemm.ee admin here - it’s actually hosted in Finland!

Regarding your question:

Lemmy federation basically works by copying stuff from their source instance to all other federated instances. So if I write a comment on lemm.ee, other federated instances will get their own copy of my comment. They will also all know that the “authority” for this comment is lemm.ee.

If an admin on another instance decides to delete their local copy of my comment on lemm.ee, then they are always free to do so (for example, some instances might want to moderate more strictly), but any actions they take like this are limited to their own instance - for the rest of Lemmy, lemm.ee remains the authority for this comment, so individual remote instance admins taking actions won’t have any effect on any other instances.

As for the original topic of modlog federation, basically it just boils down to this: just like with the comment example above, Lemmy instances also save a local copy of incoming federated mod logs. The Lemmy software does not yet have 100% coverage in terms of federating mod logs (for example, there are no federated logs yet for instance admins banning remote users), but this coverage has been increasing, and I expect this will eventually get to 100% (just needs more dev time really).

Also, if some instance admins try to tamper with their mod logs, then other instances can still see the real history, because there is no way for an instance admin to delete copies of their mod log from other instances.

Banning a local user from a local community does actually federate already

Most actions federate, any exceptions which aren’t federated yet are generally just there because the federation logic has not been implemented (but improvements are constantly being worked on).

Generally federating the modlog is mostly just there for informative purposes. As in, we can check what mod actions were taken on instance A through the modlog on instance B (and there is no mechanism in Lemmy for other instances to retroactively remove or hide federated modlog items, btw).

You can check the federated/defederated instances for any instance on the /instances page. For example:

https://sh.itjust.works/instances

https://beehaw.org/instances

If I have several backends that more or less depend on each other anyway (for example: Lemmy + pict-rs), then I will create separate databases for them within a single postgres - reason being, if something bad happens to the database for one of them, then it affects the other one as well anyway, so there isn’t much to gain from isolating the databases.

Conversely, for completely unrelated services, I will always set up separate postgres instances, for full isolation.

Good luck with the upgrade!

Good luck with the update! One great thing about 0.19 is that it allows users to check federation status between instances, will be awesome to get that for lemmy.world as well.

I think the OP is talking about Lemmy having both a content preview and a text area for link posts.

Some users tend to write their own summary in the text area, so when opening up a post, the result will be:

• Large title written by the OP
• Automatic preview of the page, generated by Lemmy
• Text summary of the page, written by the OP

I agree that this is a bit clunky in terms of UX

What exactly is the issue with our admins? If you feel you’ve received some unjustified moderation, feel free to contact me and I can have a look.

I’m sorry for your experience and I hope you’re doing better now. It’s very important to note that the major victims in this “attack” are absolutely the abused children. That’s exactly what makes this the most disgusting attack on Lemmy to date.

Cloudflare CSAM protection is not available outside of the US, unfortunately.

As a test, I ran this on a very early backup of lemm.ee images from when we had very little federation and very little uploads, and unfortunately it is finding a whole bunch of false positives. Just some examples it flagged as CSAM:

• Calvin and Hobbes comic
• The default Lemmy logo
• Some random user’s avatar, which is just a digital drawing of a person’s face
• a Pikachu image

Do you think the parameters of the script should be tuned? I’m happy to test it further on my backup, as I am reasonably certain that it doesn’t contain any actual CSAM

Any thoughts about using this as a middleware between nginx and Lemmy for all image uploads?

Edit: I guess that wouldn’t work for external images - unless it also ran for all outgoing requests from pict-rs… I think the easiest way to integrate this with pict-rs would be through some upstream changes that would allow pict-rs itself to call this code on every image.

Not yet, it’s a known limitation in Lemmy right now

That user has actually not been in contact with any of our admins, I’m not sure why they are claiming otherwise.

In any case, I shared my position on piracy on lemm.ee a few months ago, and it has not changed. TL;DR discussions about piracy are fine, but explicitly facilitating piracy on lemm.ee is not allowed, and if any such content is reported on lemm.ee then I will most likely err on the side of removing it. Having said that, I am not planning to defederate lemmy.dbzer0.com at this point, as they have not been causing any issues for lemm.ee (but, of course, I do reserve the right to re-evaluate federation with any instance if at any point they start causing problems for lemm.ee).

Quoting my original comment about piracy on lemm.ee, just for full context:

There’s nothing inherently illegal about VPNs, P2P, seedboxes, torrents, software for torrents, etc - as a software engineer, I have no trouble understanding that these things all have legal purposes. There can be no realistic case made against someone just because they use (or discuss the use of) any of these things. You can post and comment about stuff like this all day long.

Also: discussing piracy topics in general (like commenting on the legality of it, just saying you do it, whatever) without actually using lemm.ee servers to host anything sketchy is fine as well.

On the other hand, telling people “go to coolpiracywebsite.com to download the latest avengers movie” is very sketchy - you’re not directly distributing anything, but I think a case can be made that this comment is directly facilitating piracy, and if someone sends me a legal letter to remove such a comment, then TBH I will most likely just comply rather than deal with the hassle of trying to figure out how legal it is. Just being frank here - I don’t want to create false expectations of lemm.ee servers being a safe haven for content with sketchy legal status.