I also run a public Nostr relay: wss://n.ok0.org

For a few days now it has been the target of a really annoying Chinese asshole spammer, who is posting on repeat some shitty message + some QR code to donate crypto (go figure).

This motherfucker isn’t being subtle either, we’re talking a new spam note every minute or so.

To give you an idea of how committed these people are to shitting up the place:

  • Every message is posted from a new npub (Nostr account), so banning that is completely pointless. You also can’t do shit to block it as a user, if your client isn’t smart enough to figure out it’s spam.
  • He was initially repeating the same phrase so I banned that - every message now contains a random different phrase.
  • I started banning his URLs - he now generates new ones often.
  • I banned all his shitty IPs (it’s likely a bot hosted off AWS free tiers or some shit), he keeps coming up with new ones.

I’m playing fucking whack-a-mole with this asshole and he knows it lol. The thing is, it’s actually really easy for me to solve the problem by making the relay whitelist only and forgetting about it.

I could also ban notes in written in Chinese, for example.

The only reason he can even spam it to begin with is because I’m trying to run a free relay that anyone can use, including his fellow countrymen. You know, freedom and all that shit Nostr promises. What a piece of shit.

  • splinterOPA
    1 year ago

    He used to repeat some keywords, but he figured out I block them so now he’s made it so every message has entirely different text on it:

    Again each message is from a different npub so there’s nothing to ban either. He reuses the same bio shit but the relay doesn’t get that info/doesn’t check for that when it receives a note so I can’t use that.

    I’ve been going for the URLs but he will just generate a new one. Right now I’ve banned imgur entirely (from what I can tell everyone else is using nostr client image storage anyway, I can live with some false positives) - this seems to have stopped him for now.

    The IPs he posts from are some kind of VPN or client or some shit, starting to block those also dropped the vast majority of the legitimate asian traffic. The dip you see was me cracking down on them, and then me turning the tap back on earlier when I decided to just ban imgur instead:

    I think some clients won’t show his shit, but I know Amethyst does. Most likely nobody ever checks global anyway. My plan is to keep going after his image storage if he changes from imgur.

    I agree, I think there are people who want to specifically shit on free relays to promote paid ones as you say. I really don’t want to run a paid relay, in fact I would sooner just make the relay invite-only. I have nothing against money, but getting paid for a service changes the dynamic.

    • Owner_of_donky
      1 year ago

      Off topic: What is the software that generates this firewall graph?

    • splinterOPA
      1 year ago

      Right on cue, he swaps to a URL shortener:

      Now every URL is unique for every message too, he’s improving lol

      I banned is.gd, takes a few seconds to do, guess he has to set up somewhere else now.