User-agent: Mozilla Thunderbird 0.7.1 (X11/20040626)
What'd be preferable to both of those, but even harder to implement,
would be to route that traffic (or even all traffic) through a
transparent proxy with an IP outside the /16.
It actually wouldn't be that hard. If I could find somebody that'd setup
the other side for me, I could configure my server to send those
requests out a virtual interface (GRE, IPSEC, etc.) so it could emerge
somewhere else.
I like being able to run an exit node, and I'm effective at dealing with
external complaints. I just can't have the library folks whining about
somebody stealing journal articles (note .. this has only happened once
in ~6mos, but it's a concern nonetheless).