Honest question: given that spammers are already using AWS to rotate IPs and LLMs to generate content, is NIP-05 verification really much of a deterrent? How hard or expensive is it to serve JSON with a pubkey from a bunch of random domains?