Yeah even if this is a new new account of the same user, we could do without the why haven't they been banned yet. I think we can all agree it takes time for the admins to notice these things - and they're volunteers anyway. They need some leeway
What you're looking for is functionality like fail2ban, but probably with a filter set to the HTTP endpoint for creating communities. Not sure if it will work, I haven't really looked into the Lemmy code/architecture yet.
Spammers with a little bit of sanity in them will use VPN providers. The consequence is that IP banning effectively results in blocking VPN servers.
For people like me, using VPN connections for genuine reasons (like a provider/government that cannot be trusted), this is problematic
I used to use stuff that had IP banning and it would just mean when I was on mobile data I would just randomly not be able to use it because some dick was wanding around getting IP banned using mobile data.
People warrant IP banning userly are sad enough to find way of circumventing it and it'll probably just makes issues for other users instead.