Lower suspicious-sweep grace window from 24h to 1h, tighten sweep cadence to 10min

Datacenter/hosting-IP-flagged signups are a strong enough spam signal on
their own that a full day of grace was mostly just delaying an inevitable
suspend. Cron cadence tightened from hourly to every 10 minutes so real
latency stays close to the new 1h window.
This commit is contained in:
pmb
2026-07-06 07:07:43 -07:00
parent 9924e06b5a
commit 8b0e1eb5ab
2 changed files with 18 additions and 9 deletions
+6 -2
View File
@@ -158,8 +158,12 @@ CHECK_MAIL_AUTO_DOMAIN_BLOCK=true
SUSPICIOUS_SWEEP_ENABLED=true
# Hours of grace given to a flagged signup to show organic activity (a new
# post or a new follow) before it's considered dormant/bot-like.
SUSPICIOUS_GRACE_HOURS=24
# post or a new follow) before it's considered dormant/bot-like. Lowered from
# the original 24 to 1 (2026-07-06) — the datacenter/hosting-IP signal alone
# is a strong enough spam indicator that a full day of grace was mostly just
# delaying an inevitable suspend; paired with a tighter sweep cadence (see
# CLAUDE.md) so real latency stays close to this value.
SUSPICIOUS_GRACE_HOURS=1
# Moderation action taken on a flagged signup with no activity in the grace
# window: "suspend" (agreed default — a stronger signal than the report-
+12 -7
View File
@@ -139,8 +139,11 @@ run via `docker exec yttrx-welcomebot python -m app.suspicious_sweep`, e.g. hour
baseline snapshot of `statuses_count`/`following_count` is recorded at
that moment (`app.main.maybe_start_suspicious_watch`, table
`suspicious_watch`).
2. The sweep looks for watches past `SUSPICIOUS_GRACE_HOURS` (default 24)
and compares current counts to the baseline:
2. The sweep looks for watches past `SUSPICIOUS_GRACE_HOURS` (default 1;
lowered from the original 24 on 2026-07-06 — a datacenter/hosting-IP
signup is already a strong enough spam signal that a full day of grace
was mostly just delaying an inevitable suspend) and compares current
counts to the baseline:
- **Any new post or new follow** since the baseline → cleared, never
rechecked.
- **Zero of either** → `SUSPICIOUS_ACTION` (default `suspend`) is applied,
@@ -216,7 +219,7 @@ Copy `.env.example` to `.env` and fill in:
| `CHECK_MAIL_HOLD_WELCOME` | `true` — hold the welcome for a flagged signup until `account.approved` |
| `CHECK_MAIL_AUTO_DOMAIN_BLOCK` | Auto-register a flagged domain into Mastodon's `Admin::EmailDomainBlock`; also gates the report-triggered override |
| `SUSPICIOUS_SWEEP_ENABLED` | Master switch for the suspicious-signup sweep (`app/suspicious_sweep.py`) |
| `SUSPICIOUS_GRACE_HOURS` | Hours a flagged signup has to post or follow someone before it's swept (default 24) |
| `SUSPICIOUS_GRACE_HOURS` | Hours a flagged signup has to post or follow someone before it's swept (default 1) |
| `SUSPICIOUS_ACTION` | `suspend` (default) or `silence`, applied to a flagged signup with zero activity in the grace window |
| `SUSPICIOUS_DRY_RUN` | `false` (ships live by design) — set `true` to log/DM only, no real action |
@@ -328,12 +331,14 @@ the `admin:read:accounts` scope (remint via the Rails-console snippet in
this cron entry, or every sweep run 403s per-account:
```bash
crontab -l | { cat; echo '17 * * * * docker exec yttrx-welcomebot python -m app.suspicious_sweep >> /var/log/welcomebot-suspicious-sweep.log 2>&1'; } | crontab -
crontab -l | { cat; echo '*/10 * * * * docker exec yttrx-welcomebot python -m app.suspicious_sweep >> /var/log/welcomebot-suspicious-sweep.log 2>&1'; } | crontab -
```
Hourly (rather than daily like the dormant-sweep) since the grace window is
only `SUSPICIOUS_GRACE_HOURS` (default 24) — an hourly cadence keeps the gap
between crossing the deadline and being swept small.
Every 10 minutes (tightened from hourly on 2026-07-06 to match
`SUSPICIOUS_GRACE_HOURS` dropping from 24 to 1) — with a 1h grace window an
hourly cadence could add up to another hour of latency on top of the grace
period itself; a 10-minute cadence keeps the gap between crossing the
deadline and being swept small relative to the window.
## Operations