Hi!
1) Only if you've already identified the spammer
through some other process
(otherwise, you don't even know if they're using automated software).
You probably don't get scale of wikipedia or scale of the behavior we had to deal
with, if you think that it isn't possible to notice behavior patterns of it :-)
2) It doesn't really show that the user is acting
malicious even if you can
Acts like a duck, quacks like a duck :)
Regardless, what are you going to do about it? Block
the IP?
Perhaps.
For how long?
Depends. Probably indefinitely.
Even if it's dynamic?
Dunno, probably not.
Even if it's shared by many others?
Would avoid it.
Anyway, you probably are missing one important point.
We're trying to make Wikipedia's service better.
It doesn't always have definite answers, and one has to balance and search for decent
solutions.
Probably everything looks easier from your armchair. I'd love to have that view! :)
Domas