@hrottie, this is indeed an issue, I imagine. Not entirely sure how one would stop it, especially since fake accounts would be created via mining and I don't know if IP address is info that the network receives. I would think that it would, but maybe internals don't save it or provide a mechanism to do so ... may not be possible without some significant refactoring of code.

Even then, IP spoofing is still possible at many different levels.