Admin/owner of this Mastodon server. I play around with Linux.
I also own:
Phanpy: https://phanpy.hear-me.social
Peertube: https://my-sunshine.video
Pixelfed: https://gr8.pics
Friendica: https://my-place.social
Piefed: https://feddit.online
XMPP (Jabber): https://between-us.online
Matrix: https://element.secure-channel.net
Bluesky PDS: https://blue-ocean.social
Mobilizon: https://my-group.events
I've enabled the Tangerine UI Themes at hear-me.social. They look great. My personal favorite is "lagoon" but the default tangerine, cherry, and grape are very nice too.
There's more information here: https://github.com/nileane/TangerineUI-for-Mastodon
To enable, just go to Preferences->Appearance->Site Theme, and pick the look you'd like to use from the dropdown.
@nileane, can you add hear-me.social to the list of instances using your themes? Thanks for doing this!
@ClearlyClaire
Thanks for the confirmation.
I think it was a coincidental Digital Ocean change. While I can't telnet to the email server IPV6 address from either Mastodon VPS, I can from other DO VPS servers.
So, it's probably only a matter of time before they restrict the other servers as well. This weekend, I'll remove IPV6 support from my email server.
Thanks, again!
I run my own email server in DigitalOcean and the IPV6 connections are being blocked to the email servers by DO to avoid having /64 IPV6 ranges black listed, which they say is what the black list services would do. By only allowing IPV4, to a mail server, only 1 IP address is potentially black listed which won't affect many other customers.
Why this was never a problem before, I don't know. I don't know if something changed in Mastodon to only use the IPV6 address, and it used to fall back to IPV4 when it got a connection error (connection closed by foreign host), or it used to prefer IPV4 when connecting to SMTP, or was lucky in the past, or DO had the IPV6 unrestricted until recently for hear-me.social and my Mastodon test instance.
I changed the SMTP server address to use the IPV4 address directly instead of the domain name, and everything works again.
Oddly, none of my other machines (Friendica, Piefed, Mobilizon, my home computer, and several others) are seeing connection issues reaching the email server, just suddenly, the 2 Mastodon servers.
Thanks for reaching out!
@gunchleoc @nikatjef @mastodonmigration
This is what I do as well
Well, finally, email notifications on hear-me.social are working again. They seemingly broke with the last upgrade and fortunately were also broken on my test instance so I could play around without disrupting services here.
The cause was bizarre, and it took a while to find it.
I have my own email server for a hundred reasons, and it's hosted on Digital Ocean. I host this Mastodon server, (and others) on Digital Ocean. But, around the time I did the Mastodon upgrade, the Mastodon servers could no longer send email.
The cause...
Digital Ocean has a policy to restrict IPV6 access to an SMTP server hosted on Digital Ocean. Mastodon was attempting to connect to my mail server using IPV6 and was blocked. Oddly, I can connect via IPV6 from my home computer, which is against their policy and from other DO servers. Maybe not for long?
I found reference to this Digital Ocean policy in a post from 2014, but other hosters probably have the same policy.
"The main reason behind why we have chosen to block these ports by default is due to how blacklists handle IPv6 addresses, in the event of a spam report. Rather than listing only one address, blacklists will list the full /64 subnet of addresses that the spam report came from, which impacts a whole range of customers and droplets unaffiliated with the incriminating droplet/user. When a whole range is affected, even newly created droplets can be affected if they are assigned an IP for a blacklisted subnet."
Had I known this, I would have set up the mail server to only use IPV4, but it's a bit late to change it. My workaround was to use the IPV4 address for the SMTP server in the Mastodon configuration file instead of using the domain name.
Anyway, anyone on hear-me.social who runs into issues with email from this point on, please let me know.
@dansup @vernissage
Still not showing any of the large Piefed servers, like piefed.social and feddit.online
Did any other Mastodon Admin notice that their emails stopped working after the last update? I don't see anything listed in the issue list. If it still works for you after the latest upgrade, can you please confirm it for me, so I know it's an issue I need to figure out?
I'll try to see what's going on later after, I hope, I fix my Friendica instance which is very ill right now.
@dansup Still doesn't list any of the important PieFed servers, not even the mother ship, Piefed.social
@wild1145 The report was appropriate. And I like having a record of it, so I'm glad that you opened a report.
This is the second time the same idiot opened an account here with a similar name.
So, thank you!
@wild1145
Hi Ryan. Someone on your universeodon.com instance reported a racist who signed up on my instance.
Please let them know that the account they reported lived for 6 minutes here and is now suspended, and the content is deleted fediverse-wide.
Thanks.
I just built and deployed the latest version of #Phanpy on hear-me.social (https://phanpy.hear-me.social). It is a far superior UI to Mastodon, and other Fediverse applications. Great summary here: https://social.coop/@eloquence/111523403904275214
You should check it out.
Hi Dan,
It looks like all the #Piefed servers fell off FediDB and cannot be added again. Getting a 404 trying https://Piefed.social and https://feddit.online.
What happened?
All. I blocked social.beaware.live, not because the Admin is a problem, just the opposite, I love the guy. But because he stopped self-hosting, and I was seeing errors in the logs because it is no longer reachable.
There are some followers here who will be notified of the suspension, so just know, you can find him instead at @BeAware and if you haven't started following him at his new home, you should.
Seems some horribly active spammer POS has been opening accounts via an API call under the name "Ashish.." and was using an access token that was given to the buffer.com application for posting messages on a schedule.
I don't know when it was stolen, but if anyone is using #Buffer, I strongly suggest you revoke your tokens. Apparently that aren't, or weren't, protecting them very well.
Yep, that's how they did it. Thank you!
2025-04-18T05:42:13.881136-04:00 hear-me-nyc1-01 bundle[1370]: I, [2025-04-18T05:42:13.878834 #1370] INFO -- : [4512ffea-1aa3-4909-9d65-f6e210021eca] method=POST path=/api/v1/accounts format=html controller=Api::V1::AccountsController action=create status=200 allocations=25956 duration=613.78 view=0.00 db=117.82
Riddle me this. How can a spammer start their account creation from /auth/confirmation? He does this every week. He never accesses /auth/sign_up. He always first shows up in the logs accessing /auth/confirmation.
I have his ASN blocked by the Cloudflare firewall from accessing /auth/sign_up. I see in the Cloudflare logs that he tried to access /auth/sign_up but got a 403 from Cloudflare. The request is nowhere in my logs. It was truly blocked by the proxy server.
But, then suddenly he's using /auth/confirmation with the same blocked ASN seconds later and creates the account. Today I added the same ASN restriction to /auth/confirmation to try to stop future sign-ups, but this is beside the point.
It's like he tries to go to sign_up, gets a 403, and then uses some alternative means to begin the signup process.
He's not getting in with an invitation code, either.
Can he be using an existing account in some way to get an access token for an API call of some type to begin registration?
How does he do this?
Based on this post on lemmy.world, I will defederate both rn[.]nf, and lemmy[.]one, from my instances due to unmoderated CSAM (Child Sexual Abuse Material) that is not being removed from their sites.
https://lemmy.world/post/28173093
Here's an excerpt from their post:
Among these instances, r[.]nf and lemmy[.]one were some of the first instances that were informed, but even after 2 months since the initial report there has been zero reaction from either instance. Both of these instances don't appear to be moderated, as evident also by posts asking whether the instance is still maintaned on lemmy[.]one and 2 month old spam in r[.]nf's main community.
Due to the lack of action and response we have since also reported this directly to their hosting providers through Cloudflare, which includes an automatic report to NCMEC.
Even when this material will get taken down now, we don't currently believe that the instance operators are willing or able to moderate these instances properly, so we will keep them defederated unless they can convince us that they are going to moderate their instances more actively and ensure that they provide usable abuse contacts that don't require going through their hosting provider.
I'm in agreement with this lemmy.world post and will enforce the same policy here and on my other instances relating to the #Nicole spam issue.