diff --git a/wp-admin/options-discussion.php b/wp-admin/options-discussion.php
index c58da30de9..c04fbbeff4 100644
--- a/wp-admin/options-discussion.php
+++ b/wp-admin/options-discussion.php
@@ -22,7 +22,7 @@ if ($action == 'retrospam') {
 	<h2><?php _e('Discussion Options') ?></h2> 
 	<form name="form1" method="post" action="options.php"> 
 		<input type="hidden" name="action" value="update" /> 
-		<input type="hidden" name="page_options" value="'default_pingback_flag','default_ping_status','default_comment_status','comments_notify','moderation_notify','comment_moderation','require_name_email','comment_whitelist','comment_max_links','moderation_keys','blacklist_keys'" /> 
+		<input type="hidden" name="page_options" value="'default_pingback_flag','default_ping_status','default_comment_status','comments_notify','moderation_notify','comment_moderation','require_name_email','comment_whitelist','comment_max_links','moderation_keys','blacklist_keys','open_proxy_check'" /> 
 <fieldset class="options">
         <legend><?php _e('Usual settings for an article: <em>(These settings may be overridden for individual articles.)</em>') ?></legend> 
 		<ul> 
@@ -87,7 +87,10 @@ if ($action == 'retrospam') {
     <p><?php _e('This is a list of words that you want completely blacklisted from your blog. Be very careful what you add here, because if a comment matches something here it will be completely nuked and there will be no notification. Remember that partial words can match, so if there is any chance something here might match it would be better to put it in the moderation box above.') ?></p>
 		<p> 
 			<textarea name="blacklist_keys" cols="60" rows="4" id="blacklist_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('blacklist_keys'); ?></textarea> 
-		</p> 
+		</p>
+		<p><label for="open_proxy_check"> 
+				<input name="open_proxy_check" type="checkbox" id="open_proxy_check" value="open" <?php checked('1', get_settings('open_proxy_check')); ?> /> 
+            <?php _e('Blacklist comments from open and insecure proxies.)') ?></label></p>
 </fieldset>
 		<p class="submit"> 
     	<input type="submit" name="Submit" value="<?php _e('Update Options') ?>" /> 
diff --git a/wp-admin/upgrade-schema.php b/wp-admin/upgrade-schema.php
index dd298ea899..06c4462642 100644
--- a/wp-admin/upgrade-schema.php
+++ b/wp-admin/upgrade-schema.php
@@ -214,6 +214,7 @@ function populate_options() {
 	add_option('page_uris');
 	add_option('blacklist_keys');
 	add_option('comment_registration', 0);
+	add_option('open_proxy_check', 1);
 
 	// Delete unused options
 	$unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'rss_language', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl');
diff --git a/wp-includes/functions-post.php b/wp-includes/functions-post.php
index efd92c8c7c..5aed07a8fd 100644
--- a/wp-includes/functions-post.php
+++ b/wp-includes/functions-post.php
@@ -417,6 +417,13 @@ function wp_blacklist_check($author, $email, $url, $comment, $user_ip, $user_age
 		if ( preg_match($pattern, $user_ip   ) ) return true;
 		if ( preg_match($pattern, $user_agent) ) return true;
 	}
+	
+	if ( get_option('open_proxy_check') && isset($_SERVER['REMOTE_ADDR']) ) {
+		$rev_ip = implode( '.', array_reverse( explode( '.', $_SERVER['REMOTE_ADDR'] ) ) );
+		$lookup = $rev_ip . '.opm.blitzed.org';
+		if ( $lookup != gethostbyname( $lookup ) )
+			return true;
+	}
 
 	return false;
 }
