William,
Yes, a simple restriction like this tends to create
smarter villains
rather than less villainy. Filtering on an obvious, easy-to-change
characteristic also destroys a useful source of information on who the
bad people are, making future abuse prevention efforts harder.
Thanks for insights. But no.
We don't use UA as first step of analysis, it was helpful tertiary tool, that put
these people into "ignorant or malicious" category.
If they'd have spoofed their UAs, we'd block the IPs and inform upstreams, as
fully malicious behavior.
If they had nice UA, we might have attempted to contact them or have isolated their
workload until the issue is fixed ;-)
Domas