Just summarizing for @techapj who is going to experiment with doing these checks and logging the results, here are the services to check new user signup IPs against:
- Blocklist Removal Center - The Spamhaus Project
- SpamCop.net - Blocking List ( bl.spamcop.net )
- Inspect an IP | Project Honey Pot
- Tor Network Status -- Tor Exit Query
Interestingly, this may present a problem… if a user logs in from a validated email service, say, Facebook or Google, they don’t have to wait for an email with a link to have a valid account, they have a valid account immediately after signing up and can begin posting – subject to standard new user sandbox rate limits, of course.
It’s almost like you can’t really approve someone’s account until you hear back from these ~5 different services, to know if the user account should be put in a manual approval queue first.
Well, anyway, @techapj will experiment with doing these checks at signup time, see how long they take, and log the results behind the scenes. No user-facing UI or outcome yet.
(The other potential problem is users who sign up for a new user account from a “good” IP and then switch to an “evil” IP later. Not sure how realistic that is, though…)
edit: we are putting this on hold for a bit as the last few live spammer IPs we checked against these 5 lists had basically zero hits across all lists . We’ll continue to spot check live spammer IPs against the 5 lists above, but it isn’t looking so good as a “magic bullet” to prevent spammers from signing up at this point.