Simetrical wrote:
We used to use SORBS to blacklist open proxies, but that's pretty dodgy (requiring a $50 donation to remove an IP).
SORBS does not require a donation to remove an IP from the open HTTP proxy list, that only applies to the email spam list. The reason I decided we should stop using the SORBS list was because there was no automatic expiry or rechecking of addresses. Removing an address required a manual operation: I think from memory that it was a captcha, email confirmation and retest. As a result, the open proxy list was full of false positives, such as random addresses from DSL pools.
If we're going to use an external blacklist, it would really help to know a bit about their scanning procedure and their expiry policy. If there are no decent lists available, we can always do our own scanning and make our own list.
The thing is, open proxies and Tor exit nodes are not the only sources of vandalism. Some vandals just use their own IP and move to the next wiki as soon as they are blocked. We really need a cross-wiki block list which is editable via a web interface.
-- Tim Starling