Replace RDAP/ipwhois signup-IP classifier with ipapi.is

Flags datacenter, vpn, proxy, tor, and independently-scored abuser
signals instead of regex-matching RDAP org names; anonymous tier
covers 1000 req/day, well above signup volume.
This commit is contained in:
2026-07-06 08:57:55 -07:00
parent e62e3330e4
commit 0356fe7997
7 changed files with 106 additions and 83 deletions
+4 -3
View File
@@ -8,9 +8,10 @@ Guidance for Claude Code when working on **yttrx-welcomebot** (the welcome bot
A FastAPI webhook server. One Mastodon admin webhook delivers `account.created`,
`account.approved`, and `report.created` to `POST /webhook`; the app dispatches:
- **account.created** → classify the signup IP (RDAP org lookup); flagged
(datacenter/hosting) signups get more scrutiny (held welcome, ip_blocks
registration, DM to moderator) before falling through to a normal welcome.
- **account.created** → classify the signup IP via ipapi.is; flagged
(datacenter/vpn/proxy/tor/abuser) signups get more scrutiny (held welcome,
ip_blocks registration, DM to moderator) before falling through to a normal
welcome.
- **account.approved** → always DM the welcome (dedup-safe; this is what
releases a held welcome once a human clears the approval queue). Also where
a held, flagged signup's suspicious-watch baseline gets captured.