It depends. Are we willing to blanket ban onion addresses? GitHub Pages? Free NIP-05 services? All sorts of other free or dirt-cheap hosting and serverless "worker" options? I can think of a gazillion different ways to serve NIP-05 JSON for free or very little cheap, and blanket banning some of them would certainly impact legitimate users.
I'm not sure, maybe. For the Ditto model it might be perfect to give those administrating their site the choice. Ditto's use case is about using Nostr to grow a community, so might be perfect there. For everyone else it still sounds pretty good though. Especially if you can choose which domains to block. Though I don't really understand PoW and and spam mitigation. I need to look that up.