@Trysdyn @KitRedgrave @maple
To expand on what I mean for the people who do not read my posts on a regular basis (they probably have me personally blocked, but whatever), here is what is happening:
1. A user on computerfairi.es posts a post.
2. Somebody who follows that user and is followed by a user on blockedinstance.social makes a reply or boosts the post.
3. The user on blockedinstance.social gets a copy of that interaction because it was addressed to as:Public.
4. blockedinstance.social reconstructs the thread, fetching missing objects in it.
5. Because there is no authentication requirement for fetching objects (or any other passive AP activity), blockedinstance.social now has a copy of your object.
Unfortunately, at present, this means that the best mitigation is to firewall any instance you block that you also do not want to be able to receive posts from you. It is unfortunate that this is the present situation for quite a few reasons (the topological knowledge learned from requiring authentication on fetches would be very helpful for distributing Deletes for example), but it is not a defect in Pleroma or any other ActivityPub software. Instead, it is a defect in ActivityPub itself: since there is no authentication requirement, there is no support for authenticated fetches in any of the implementations.
While it may be disturbing to see, Pleroma is just showing you that ActivityPub is leaking your data all over the fediverse and sending it to instances you don't want it on. Blame the protocol, not the messenger.
Hopefully that clarifies what is going on. You can read also my blog post about this particular issue: https://blog.dereferenced.org/activitypub-the-present-state-or-why-saving-the-worse-is-better-virus-is#unauthenticated-object-fetching
It would be nice in the future if people did not make bad faith assumptions about why things are the way they are and instead reached out and actually asked about it. We are committed to improving the security posture of the fediverse.