Wikipedia:Wikipedia Signpost/2005-04-04/Proxy list

Wikipedia began blocking open proxies again last week based on a list provided by SORBS. This initially caused some concern when established users were also blocked, but a later fix for this problem seemed to settle the issue.

In a continuing effort to deter spam on Wikimedia Foundation projects, the developers deployed the SORBS blocklist last Tuesday. SORBS (an acronym for Spam and Open-Relay Blocking System) maintains a database of IP addresses responsible for various kinds of spam and other abuse.

Open proxies have long been a problem for Wikipedia and have been routinely blocked for the past year. According to developer Tim Starling, "Almost all of our bot-driven vandalism and spam comes from open proxies." However, finding the best technical solution to deal with the situation has been an ongoing struggle (see archived story).

Complaints about the new proxy-blocking system came quickly from several users, including Waerth. Waerth, a user based in Thailand whose Internet service provider is configured as an open proxy, has for several months been complaining about being blocked on multiple projects as a result of various efforts to deal with proxies. He reports that he has little choice but to use this provider, and he has no influence to convince the operators to fix their service.

David Gerard asked if the developers could change blocks so that they only affect users who aren't logged in. Starling implemented this temporarily, despite his misgivings over the ease with which spammers and vandals could create accounts. This was soon followed by Dori reporting a bot engaging in page move vandalism on the Albanian Wikipedia.

On Thursday, Starling indicated that he had written some additional code to deal with Waerth's situation. He explained that some ISPs force their users through proxies, but the proxy reports a valid header that indicates the actual IP address of the end-user behind the proxy. Under these circumstances, the user's real IP address could be used for the purposes of the block-checking code. With Waerth's ISP falling into this category, the problem was apparently solved.