They should implement bot detection that looks at the volume of posts and duplicate posts posted across the whole fediverse from one account, bayesian and LLM based filters to detect spam programmatically, PoW to slow down bots which get through.
As well as checking for signs of automation (Puppeteer/Selenium/Playwright) and suspiciously fast or perfect mouse movement in the web client, and showing a captcha to post/comment in the mobile client.
I don’t think most instances do any of that at the moment, and what looked to be a fake Gofundme ended up on the front page, from an account which was absolutely spamming Mastodon relentlessly.





They want your ID because they’re legally forced to. A VPN will fix it.