30-something grey wolf therian and furry. Admin of yiffit.net lemmy instance and packmates.org mastodon instance.
It should be a signature that is sent together with the ActivityPub Object. Yes, if the signature doesn’t match, the content, whether a post, comment, favorite, upvote, etc… should be dropped.
Here is the source code of the library that lemmy uses to handle incoming objects and you can see that it does a call to verify the signature of the actor:
Messages are sent with a digital signature that only the original instance could craft.
Hey, this happened to us recently. In your database check the table called 'instance ’ and make sure the value for ‘updated’ is less than three days old for lemmy.world
There are false positives regarding the detection of “dead instances” in the latest version of Lemmy and it’s actually your instance that stops sending out messages to lemmy.world
Not that instance, but Lemmy is missing a lot of moderation and federation tools. Right now you only have sledgehammers to deal with tiny nails, in regards to tooling.