Federated posts are received, and they can come in batches. If a server was down for a while, you may receive days or even weeks of data, all at the same time.
In this case, the spammer is probably using an account on a real server, so that server needs to take action and ban the spammer. If the attack is federation based, there’s nothing stopping the spammer from faking time stamps, usernames, and using hundreds of different domain names.
You can use heuristics to flag accounts to admins, of course (“this user is sending 2000x the normal amount of posts and comments”), but it’s impossible to prevent spam without whitelisted federation.
This is why email providers such as Gmail, Outlook, and Apple mail flag almost any email from a small server as spam, regardless of message contents. There are too many spammers out there, and only trusted, somewhat verified servers are allowed to send email. It’s a real pain for those running their own mail servers.
Federated posts are received, and they can come in batches. If a server was down for a while, you may receive days or even weeks of data, all at the same time.
In this case, the spammer is probably using an account on a real server, so that server needs to take action and ban the spammer. If the attack is federation based, there’s nothing stopping the spammer from faking time stamps, usernames, and using hundreds of different domain names.
You can use heuristics to flag accounts to admins, of course (“this user is sending 2000x the normal amount of posts and comments”), but it’s impossible to prevent spam without whitelisted federation.
This is why email providers such as Gmail, Outlook, and Apple mail flag almost any email from a small server as spam, regardless of message contents. There are too many spammers out there, and only trusted, somewhat verified servers are allowed to send email. It’s a real pain for those running their own mail servers.