One of my users complained that they received spam from @mastodon_user_matching@2.distsn.org, whose timeline currently looks like:

@mastodon_user_matching@2.distsn.org spam

It turns out this whole instance is screaming with spam red flags:

  • It doesn’t verify email addresses1,
  • The site that the spambot is advertising, MastodonUserMatching.tk, is a redirect to vinayaka.distsn.org (which is on the same domain as the Mastodon instance2), and
  • The bot’s source has the same name (“vinayaka”) as the subdomain it’s spamming ads for.

I conclude that this instance is specifically deployed to allow and assist spamming, and as such, I’m suspending the 2.distsn.org domain effective immediately.


  1. Thanks to @kaniini@mastodon.dereferenced.org for pointing this out! 
  2. Thanks to @href@soc.ialis.me for pointing this out!