short:
suspending a domain blocks pushing content but not pulling content
long:
- pulls can be done from anywhere on the internet using any web software (e.g., wget, curl)
- fedi servers often don't pull from the same ip their domain points to for pushing (e.g. they use cloudflare, aws, gcloud, docean floating ips, etc)
- the only way to prevent this is for fedi platforms to agree on a scheme for authenticated fetching
- unlisted & public posts are pullable
- direct and follower-only posts are not pullable buuuuuut...
- followers-only posts can leak onto servers where they are pullable which is why trusting servers you federate with is really important
— :blobgoat:
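
The authenticated-fetch idea from the post, as an added example (not part of the original post and not any fedi platform's own code): a server-side gate that decides whether to answer a GET for a post. `decide_fetch`, `SUSPENDED`, the example domains and the `verify` callable (which stands in for the real cryptographic check of the HTTP Signature against the actor's public key) are all assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

SUSPENDED = {"suspended.example"}  # constructed blocklist entry

# Constructed Signature headers; the signature values are placeholders.
SIG_SUSPENDED = ('keyId="https://cdn.suspended.example/users/a#main-key",'
                 'headers="(request-target) host date",signature="constructed"')
SIG_OK = ('keyId="https://friendly.example/users/b#main-key",'
          'headers="(request-target) host date",signature="constructed"')

def signer_domain(signature_header):
    """Host part of keyId in an HTTP Signature header, or None if absent."""
    match = re.search(r'keyId="([^"]+)"', signature_header or "")
    host = urlsplit(match.group(1)).hostname if match else None
    return host.rstrip(".") if host else None

def is_suspended(domain):
    """True for a suspended domain or any of its subdomains."""
    return any(domain == s or domain.endswith("." + s) for s in SUSPENDED)

def decide_fetch(visibility, signature_header, verify, require_signed):
    """Return (http_status, reason) for a GET of one post.

    verify: hypothetical callable(header) -> bool doing the real signature
    check. The decision keys on the verified signer, never on the source IP,
    because pulls can arrive from any address.
    """
    if visibility not in ("public", "unlisted"):
        return 404, "not pullable"
    if not require_signed:
        # No authenticated fetching: the suspension list is never consulted.
        return 200, "served to anyone"
    domain = signer_domain(signature_header)
    if domain is None or not verify(signature_header):
        # A claimed keyId without a valid signature proves nothing.
        return 401, "missing or invalid signature"
    if is_suspended(domain):
        return 403, "signer domain is suspended"
    return 200, "served to " + domain

if __name__ == "__main__":
    ok = lambda header: True  # pretend the signature verified
    print(decide_fetch("public", None, ok, require_signed=False))
    print(decide_fetch("public", None, ok, require_signed=True))
    print(decide_fetch("unlisted", SIG_SUSPENDED, ok, require_signed=True))
    print(decide_fetch("public", SIG_OK, ok, require_signed=True))
```
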