lemmy icon indicating copy to clipboard operation
lemmy copied to clipboard
verified publisher icon LemmyNet

Disable DMs by default. Show different notification for DMs from unknown accounts

Open db0 opened this issue 9 months ago • 2 comments

Requirements

  • [x] Is this a feature request? For questions or discussions use https://lemmy.ml/c/lemmy_support or the matrix chat.
  • [x] Did you check to see if this issue already exists?
  • [x] Is this only a feature request? Do not put multiple feature requests in one issue.
  • [x] Is this a backend issue? Use the lemmy-ui repo for UI / frontend issues.
  • [x] Do you agree to follow the rules in our Code of Conduct?

Is your proposal related to a problem?

The spam problem in the fediverse is increasing and it's only going to get worse as we become more popular. The lemmy DMs are the most vulnerable area atm as it's not easy to implement automated anti-spam tools on them since they're private. This is not only limited to spam even, as abuse and harassment can also happen via DMs.

Most other social media services also have similar problem which is why a very common approach that popular social media use is two-fold.

  1. Do not display DMs from accounts one has not accepted.
  2. DMs from accounts one has not interacted before have to be accepted through a special process, before being displayed. The notification for those DMs is also different from the normal notification (so the notifications can be separated).

I want to suggest something similar for lemmy and also some more enhancements on this formula

Describe the solution you'd like.

The anti-spam/harassment features I would like to have for DMs are:

  1. Do not display DMs from accounts one has not accepted.
  2. DMs from accounts one has not interacted before have to be accepted through a special process, before being displayed. The notification for those DMs is also different from the normal notification (so the notifications can be separated).
  3. Allow each user to specify the minimum account age an account has to have before automatically accepting DMs. This can prevent DMs being lost from people with estabilished accounts whom one can have reasonable faith are not spam. The user still retains the possibility to require approval for all DMs by setting this value to -1 or accept all DMs by default by setting this to 0.
  4. Yet Unaccepted DMs from accounts should automatically disappear if that account is banned.
  5. integrate this with #5088 and/or #5087 if/when those are implemented, which can allow, say, someone to accept all DMs from trusted instances, but not others.

Describe alternatives you've considered.

There's no alternatives

Additional context

No response

db0 avatar Mar 16 '25 10:03 db0

A relatively simple way to implement it would be with a new field PrivateMessageView.is_untrusted: bool. It is false if any of the following is true:

  • Current user is pm sender
  • Current user responded to a post or comment by pm creator
  • Current user previosuly sent a pm to pm creator
  • pm creator is local admin

If is_untrusted is true, frontends should show the pm with a warning or folded with manual expand.

Nutomic avatar Jul 10 '25 10:07 Nutomic

PrivateMessageView.is_untrusted: bool

I think rather than adding too many complicated rules, we add PersonActions: Option<accepted_private_messages_at> .

  • If its null / a missing row, we can then ask Do you want to accept pms from [user]?
  • Add an API action to accept or deny pms from that user.
  • Not sure if we should even add the expandable block or not. Being able to click into that user history might be enough (IE new accounts are sus, old established accounts with public histories are fine).

Side note but I hate the idea that we are creating all these features that matrix already has, and is going to do much better than we ever could.

dessalines avatar Jul 18 '25 14:07 dessalines