There are thousands of instances and it’s not really about admins. If a Mastodon user wants to go and follow a Lemmy community, they can. They shouldn’t need to ask their admin to contact the admin of the Lemmy instance to be allowed to.
However, there is something called Fediseer which allows a chain of trust. Some instances guarantee other instances who then guarantee others down a chain. If an instance turns out bad then their guarantor can revoke it and any instances lower in the chain (that the spammy instance guarantees) also lose their trusted status. It doesn’t share IPs to my knowledge though, and outbound IPs are different than the inbound one on the domain if there is a CDN like Cloudflare in the mix. The intent is actually to identify and block instances set up to spam (or other reasons to defederate).
I think the other part missing is that it’s not just instances. If you upload an image to Lemmy.world and then someone on feddit.online views it, the feddit.online user’s browser loads that image directly from Lemmy.world. That means if you block any IP that’s not an instance, people won’t be able to see content uploaded by your users. So you have to be able to tell what is a Brazil-hosted AI bot and what’s a Brazilian user viewing a meme your user uploaded.
There are of course different parts that you can or can’t block which is basically the idea, working out which endpoints can be blocked and which will break things for genuine users. With static images they can be basically ignored because Cloudflare will cache them, but having thousands of post or feed loads in a hurry can bring down an instance.
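The guarantee chain described in the comment above, as an added example that is not part of the original comment and is not Fediseer's own code or API: a simplified model in which each instance has one guarantor and revoking a guarantee also removes everything vouched for further down. The class, method and `.example` instance names are all constructed for illustration.

```python
from collections import defaultdict


class TrustChain:
    """Simplified model (an assumption, not Fediseer's data model):
    every trusted instance has exactly one guarantor, roots have none."""

    def __init__(self, roots):
        self.guarantor = {r: None for r in roots}  # instance -> who vouches for it
        self.guarantees = defaultdict(set)         # guarantor -> instances it vouches for

    def is_trusted(self, instance):
        return instance in self.guarantor

    def guarantee(self, guarantor, instance):
        # Only an instance that is itself trusted can extend the chain.
        if not self.is_trusted(guarantor):
            raise PermissionError(f"{guarantor} is not trusted and cannot guarantee")
        if self.is_trusted(instance):
            raise ValueError(f"{instance} already has a guarantor")
        self.guarantor[instance] = guarantor
        self.guarantees[guarantor].add(instance)

    def revoke(self, guarantor, instance):
        """Revoke one guarantee; returns every instance that lost trusted status."""
        if guarantor is None or self.guarantor.get(instance) != guarantor:
            raise PermissionError(f"{guarantor} does not guarantee {instance}")
        self.guarantees[guarantor].discard(instance)
        lost, stack = [], [instance]
        while stack:  # walk down the chain below the revoked instance
            node = stack.pop()
            lost.append(node)
            del self.guarantor[node]
            stack.extend(self.guarantees.pop(node, ()))
        return sorted(lost)


def demo():
    # Constructed sample chain: root -> good, root -> spammy -> sock1 -> sock2
    chain = TrustChain(roots=["root.example"])
    chain.guarantee("root.example", "good.example")
    chain.guarantee("root.example", "spammy.example")
    chain.guarantee("spammy.example", "sock1.example")
    chain.guarantee("sock1.example", "sock2.example")
    lost = chain.revoke("root.example", "spammy.example")
    return chain, lost


if __name__ == "__main__":
    chain, lost = demo()
    print("lost trusted status:", lost)
    print("good.example still trusted:", chain.is_trusted("good.example"))
```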