I'm aware of a certain Pixelfed instance being targeted by spammers and used to deliver spam to accounts across the fediverse.

The same thing happened with Lemmy last summer, and was caused by a dangerous config cocktail:

- Open Registrations

- No email verification

- Less active moderation (waiting to get reports rather than finding this from paying closer attention)

There are some things I can improve in Pixelfed, but these 3 are dangerous when used together!