Unfortunately, you only have to compete with real users using that specific feature, and there aren't that many when measured against the power of even cheap attacks.
1. even enabling personal blacklists would be a huge benefit to power users even if they aren't aggregated.
2. the user I replied to above suggested running n 1000 vps-es or using a criminal botnet. Both of these are significant hurdles.
Also while running n 1000 vps-es isn't a significant hurdle in todays clouds if it is a one time job, it at least becomes expensive if the blacklists are generated based on active users at random times around the clock forcing would-be abusers to not only fire up their vps-es, running a couple of queries and shut them down but also to keep them running around the clock, or rather in 8 hour shifts to not trigger abuse detection.
