Wiki, you have a point. There is only one teeny-weeny problem with "blocking for the duration of an attack". How do you know when the attack has finished? When do you know you can take an IP off the black list? Behaviour-based protection takes care of that automatically.

As for you, endso, sorry, your post was waaaay too long. About 3x over the acceptable limit. So, you may have a point too but I did not bother digging through the huge haystack looking for it

I can see how this thing about protect one community forum could seem a fantastic world of power, decisions and choices...
And i can understand that everyone has a better solution for the world's problems while having a beer in the bar with his friends..

Here a few words to explain the points of the situation:
0 - Your are debating about a report without any relevant information (which is the ip address of the exit point? If it was reported everyone could cross check if there is a clear reason or not for the block)
1 - blacklist is not composed using human choices
2 - blacklist is composed merging more automatic malicious reporting sources
3 - there is no will to block tor exit nodes or common privacy proxies
4 - if one tor exit node has been reported in those reporting systems i think it would be a non-sense to add it in a white list giving them a different priority
4bis - if your privacy proxy has been reported for bad activity why should we take care of it if you don't care to apperar just like a spammer?
5 - blacklist could become more aggressive during an evidence of attack (like it happened some month ago) to block the subnets used by attackers since reporting systems are slow and before a new ip in the same subnet is listed there it could take 6/12 hours. Normal behavior is more relaxed
6 - often those attacks activity is not limited in posting and create new threads, but also in trying any possible attack against vbb/apache/php and the point is not only take care of spam posts
7 - if it wasn't clear, our human resources are not unlimited and we have to make _real_ choices to reach a good security level without forgetting the man power involved.

Thanks xes.
I believe now this thread shcould be closed.

With that attitude, I believe this forum should now be closed

If we had blocked all tor exit nodes yes, but we actually don't. We are not blocking tor, we are blocking some specific exit nodes that have caused serious trouble. It is your privacy (actually not it is just your comfort) vs DDOS & spam attacks, guess what we chose.

Somehow I dont like that statement.....

Updated, it is actually not even your privacy vs something... it is just your comfort vs attacks - as said, we do not block tor in general.

It isn't even a thought to entertain guys...
If measures aren't taken... those ddos attacks would take the whole place down...period.
there is no nefarious or insidious agenda to strip people of their privacy.
this isn't about any individual "right" or "privilege" to something...
this is about the survival of this place.... Flat out ...full stop.

Ok, I also have problems checking the forum from my work place where I HAVE to use a proxy to go out on the Internet as the company blocks a lot of things. But the thing is that I just want to check the forum, not get in my account and post something (I'm not that stupid and now that the free proxies on the Internet are saving all the data, even user and password, which in this case is easy to get as talk.maemo.org is plain http).

So the ideal would be to block any registering or connecting from the ips that spammers use but not block the entire forum. I would like to check the forum and read what's new even if I use a proxy (because I have to). And as I'm most of the time at work (except when I'm sleeping) this doesn't help.

Got the same message today while using public WiFi "O2 WiFi" (A popular service in the UK) in All Bar One. Guess some public connection IP is in blacklist as well?