Domas wrote:
We don't use UA as first step of analysis, it was helpful tertiary tool...
But it's now being claimed (one might assume, in defense of the new policy) that disallowing missing User-Agent strings is cutting 20-50% of the (presumably undesirable) load. Which sounds pretty primary. So which is it?
Presumably some percentage of that 20-50% will come back as the spammers realize they have to supply the string. Presumably we then start playing whack-a-mole.
Presumably there's a plan for what to do when the spammers begin supplying a new, random string every time.
(I do worry about where this is going, though.)