QBA-bot runs on ruwiki and ruwikiquote and has inserted 2.2 million ipblocks rows on each wiki. This constitutes a majority of cluster-wide ipblocks rows -- enwiki has 1.3 million blocks, and of those, only 95502 are of IP addresses and ranges. Commons has only 83788 blocks in total.
Google Translate tells me that it is "a bot to block open anonymizing proxies that should not be used to edit Wikimedia Foundation projects." Inserting 2M rows into the database of every wiki and regularly updating those rows seems like an inefficient way to achieve that goal. We could have an extension that maintains a single shared table, and sets appropriate permissions in the style of the TorBlock extension. This assumes that the addresses are indeed open proxies -- the method used by QBA-bot to detect proxies is apparently not disclosed.
1538 blocks on ruwikiquote are of /16 ranges, representing about 100 million IP addresses. It seems unlikely to me that these ranges are filled with open proxies. Perhaps QBA-bot is blocking unallocated ranges. This seems unnecessary and heavy-handed to me.
I am suggesting that someone review QBA-bot's proxy blocker and decide whether it should be allowed.