[WikiEN-l] Editing with open proxies

[Ilmari Karonen]

MacGyverMagic/Mgm wrote:
> If it is against policy then why aren't we blocking those proxies?

We are, but the problem is that new ones keep popping up all the time. 
Still, it *should* be possible to automatically block editing from 
*most* Tor exit nodes; if Torstatus can keep up with them, we should be 
able to do the same.  A few nodes would probably be missed because 
they're multihomed or behind transparent proxies, but I don't believe 
those are all that common.

Of course, that would only solve the problem for Tor, not for the 
countless zombie computers and misconfigured proxies that make up the 
majority of the proxy-blocking workload.  So I suppose preemptively 
blocking Tor may not be seen as a major priority from that perspective.

> And if proxy editing is against policy we should block AOL too as it is
> basically an open proxy to with all the IP switching going on.

IIRC, we did, the moment AOL started allowing people other than their 
direct customers to use their proxies.  There were calls for blocking 
them, at least anon-only, even before that, but for various reasons -- 
including the number of AOL customers that would've been hit as well as 
vague promises from AOL that something would be done about it real soon 
now -- it never got done back then.  (Not here, anyway; the German 
Wikipedia, at least, did block them.)

The issue was finally resolved when AOL eventually got their proxies 
configured to send us proper X-Forwarded-For headers and we added them 
to the list of trusted proxies from which we accept such headers.  Thus, 
users editing now via AOL's proxies have their edits assigned to their 
actual IP address rather than that of the proxy.

(Needless to say, that won't happen with Tor; their very purpose is to 
make it impossible to determine the real IP addresses of their users.)

-- 
Ilmari Karonen