One of my users complained that they received spam from @mastodon_user_matching@2.distsn.org, whose timeline currently looks like:
It turns out this whole instance is screaming with spam red flags:
- It doesn’t verify email addresses1,
- The site that the spambot is advertising, MastodonUserMatching.tk, is a redirect to vinayaka.distsn.org (which is on the same domain as the Mastodon instance2), and
- The bot’s source has the same name (“vinayaka”) as the subdomain it’s spamming ads for.
I conclude that this instance is specifically deployed to allow and assist spamming, and as such, I’m suspending the 2.distsn.org domain effective immediately.
- Thanks to @kaniini@mastodon.dereferenced.org for pointing this out! ↩
- Thanks to @href@soc.ialis.me for pointing this out! ↩