DesuStrike and I have discussed the philosophical approach that cryptostorm takes to these blacklisting issues, which (as I understand it) is an approach that is dissimilar to that common nowadays in the "VPN industry."
As we've discussed elsewhere, our provisioning model doesn't rely on a constantly-churning sea of disposable, low-capacity VPS "servers" with temporary IP addresses assigned to them. Rather, we lease dedicated hardware for hosting facilities we (generally) know and have experienced previously as customers over the years we've been providing secure network service. Those machines generally have a handful (less than a dozen) of long-term-assigned IPs mapped to them (nobody actually "owns" IP addresses, apart from companies grandfathered in with their own C-class allocations back in the old days... and even those are, in theory, assignments that can be revoked by IANA/RIPE) which stay stable over the years.
We don't churn IPs, we don't "burn" IPs, and we don't rely on a big sea of IP addresses as a lazy-assed (and functionally ineffective) stand-in for a real security model, threat vector response framework, and cryptographic foundations. Sometimes our IPs do change, if we outgrow a given colo or migrate amoungst hardware instances within a given facility, and so on - but it's the exception, not the rule.
When one of our public-facing IPs (there's far more in use for non-visible testing/administration tasks than those seen by connecting clients: redundancy, daemon isolation, sysadmin interfaces, and NIC fallback provisioning, for example - in addition to virtualised networking 'pipes' when we deploy VM-based components) gets blacklisted somewhere, we contact that resource and let them know what's going on. In six years or more of following this procedure, I know of no legitimate sites that have refused to remove the blacklist (a few garbage, bottom-feeding sites - such as one whose initials sound alot like 'ED' - routinely blacklist network security services, for two primary reasons: one, they aggressively advertise low-quality "VPN services" to trick site visitors into generating affiliate revenue for them via hidden clickthrough tracking programs - "affiliate ID017," for example; two, they've been caught blackmailing site visitors with threats to expose them to public ridicule if they' don't pay money or provide other no-cost loot to the admins... this of course won't work if someone's using a real network security service, like cryptostorm or Tor, so they block those). As it's a small world out there, we often as not know someone who knows someone who knows an admin or developer at the website in question - who can then 'vouch' for cryptostorm's legitimacy.
It's sort of a throwback to the old-fashioned era of "netiquette" said in a genuine, non-ironic fashion. And it works.
Occasionally, we'll find an IP blacklisted somewhere because a previous "tenant" of that IP - before it was assigned to us - was using it in a shoddy way. That's not common, but it does happen occasionally. Again, we've had near-complete success in resolving those via simple personal communications with the admins who maintain such blacklists.
Contrariwise, here in the forum we also have a "blacklist" of known-spambot IP addresses - on rare occasions, that blacklist somehow overlaps legitimate IP-space. When that happens, we remove the block on that IP (or /24, or /16, or whatever). Simple as that. Indeed, this sort of thing goes on "behind the scenes" of well-run web resources on a daily, or even hourly, basis around the world... and has been going on or decades. It's not very glamorous, but it's part of running things well and ensuring the widest possible access to public web resources. It's what sysadmins do that's neither complex nor likely to win awards and promotions - but is nevertheless a core part of our professional role, often as not. Like I said, a bit old-school...
Anyway, if you find yourself blocked from somewhere whilst using cryptostorm, please do post a quick note here. We'll get 'round to contacting them, sooner or later. Some resources block all "anonymising" tools as a class - to "prevent fraud," or so they claim. We don't even bother trying to work with those idiots. A prime, festering example of this is a shit-assed pathetic "anti-fraud" service called MaxMind. Don't get me started...(note that any skiddie can easily enough root a box somewhere, or just lease a little corner of a botnet, and redirect malicious traffic through "genuine" residential IPs with a few mouse-clicks and a small fraction of a bitcoin - so banning Tor and cryptostorm and other real security services to "prevent fraud" is useless security theatre designed to appeal to dumb website "managers" who have no technical skills, no experience, and no personal capability to ask someone who does and follow their advice judiciously)
I've also been interested, over the years, in providing community-available tools to help resolve inadvertent blacklist inclusions without bottlenecking on staff time availability. At the simplest level, posting a "form letter" here that members can email to blacklist-maintaining sites is a good start. From there, a dedicated email address for blacklist-related correspondence, manned by tech ops, makes sense. And a page on cryptostorm.is &/or a thread here explaining our service, our IP philosophy, our view on blanket blacklisting of network security tools, and the process for contacting cryptostorm staff in the event further discussions is required - this will be useful, I think.
We see IP management as a form of topological hygiene: ensuring our IP-space is well-run, well-managed, and well-resourced is a part of being a professional team and of being constructive members of the internet community overall. And, yeah, we're just old enough - as a team and as individuals - to still think of "the internet community" as something that matters, and exists as a class of social obligations & reciprocal dependencies.
tl;dr is "report 'em here!"