What have I done?! My abomination of an idea of bridging my email and ActivityPub progresses. If you see this message, something is working! Comments replies are welcome as it’s a good test of this system :)
People keep saying ActivityPub is a lot like email. If it’s so similar to email, could I use my email client to interact with the fediverse?
Previously I did this by writing a SMTP interface to the Mastodon HTTP API. That worked. But as we probably know, the fediverse is not Mastodon; it’s really ActivityPub. The real deal would be working with ActivityPub directly, not the Mastodon HTTP API.
And that’s now (mostly?) working! In shonky diagram form, sending looks like this:
laptop --SMTP--> my_server --ActivityPub--> fediverse
Replies look like this:
fediverse --ActivityPub--> my_server --SMTP--> mailbox <--IMAP-- laptop
my_server
translates back and forth between ActivityPub messages and
mail messages.
For example given the message:
Date: Wed, 6 Mar 2024 16:37:59 +1100
From: Oliver Lowe <[email protected]>
To: [email protected]
Subject: test 2
test hello world!
The following ActivityPub message is created:
{
"@context": "https://www.w3.org/ns/activitystreams",
"id":"https://apubtest2.srcbeat.com/outbox/1709703480070628170",
"type":"Note",
"name":"test 2",
"to": ["https://aussie.zone/c/localtesting","https://www.w3.org/ns/activitystreams#Public"],
"cc": ["https://aussie.zone/c/localtesting"],
"published":"2024-03-06T16:37:59+11:00",
"attributedTo":"https://apubtest2.srcbeat.com/actor.json",
"content":"test hello world!",
"mediaType":"text/markdown"
}
There’s still a lot of bugs (of course) and unimplemented bits (of course). I can’t call this a proper fediverse service yet. I’m going to roll with this for a bit and see how it holds up.
Excuse my ignorance but how will the fediverse defend itself against email spam?
That’s a good question. Right now there’s very little stopping people from spinning up some ActivityPub server and blasting out messages. I’m actually surprised at how little ActivityPub spam there is currently.
One of the awesome things about the fediverse is how anti-commercial it is right now. Maybe it’s not a major target for spam because there’s not a lot of money in it.
Defederation would be my guess
But if you can keep spamming our (heh) a new site for like 99c a domain name, you could do this a lot despite getting banned.
The alternative is something like FediSeer where you can get sites guaranteed by others and block anything not given the all-clear, but that really harms the ability for new sites to appear.
If something like this were to gain lots of traction I’d hope it would be something not too difficult to implement by smaller new sites.
What really sucks is the situation with email now: it’s really tricky to get stuff delivered if you’re not Google/Microsoft. The barrier to entry is way, way too high :(
I joined fediseer with this lemmy instance. I don’t know what’s going to happen with your self-built software, but getting a guarantee is easy, if your instance looks credible. I’m not aware of anyone that uses it as a filter at this point either.
Anyway, this is an awesome project. If you keep working on it and need a fediseer guarantor for the site, I’m happy to do that.
See their lemmy community: lemmy.dbzer0.com/c/fediseer
Oh wow awesome. Thanks so much!
It needs a bit more fleshing out, removing a bit of hardcoding too. And of course I want to publishit under an open source licence too. Thanks for the tip - I’ve written it down in the growing TODO file! :)
The barrier got higher and higher because people kept overcoming the previous barrier to keep sending spam. It’s an unsolved problem I think.
If something like this were to gain lots of traction I’d hope it would be something not too difficult to implement by smaller new sites.
What really sucks is the situation with email now: it’s really tricky to get stuff delivered if you’re not Google/Microsoft. The barrier to entry is way, way too high :(
I mean you already could do that with something like ActivityPub proxy or just change your instance domain every time. If that’s such a risk, why aren’t people doing it now?
deleted by creator