We just use the default profanity list and have the profanity filter turned on.  We've never had an issue with bad language in our system.  I'd suggest having username be  as another way to prevent bad behavior.

We have the filters turned off for our employee community but the report abuse setting turned on and set to 3 reports and the offending item is hidden until approved by a mod. Filters are very easy to work around and if someone wants to create impact to what they are saying by using profanity in something that has their name attached, who are we (project team, run and operate team) to say they shouldn't do so. So far since soft launch with over 3,250 people in our community we've yet to have abuse reported apart from people 'testing to see what happens'.

Something to consider is that when quoting from external sources about your company such as Twitter or blogs language can get pretty heated and you don't want to dilute the message that a customer or potential is upset when you're trying to get whatever it is sorted to their satisfaction.

Not for our internal communities and I am pretty sure that except for blog comments (which can be anti spam filtered) we would probably be the same with our external communities, anonymous reading and registered for contribution.

Our external Wordpress blogs (i.e. Our Community Connections blog) for example allows you post a comment but you supply a name and email address. The first time the blog encounters this combination it is held for approval by an admin, once it has been approved that combination is allowed to post directly, of course it has to pass the spam filter. This is as close to anonymous as we allow and it is a compromise between allowing instantaneous user generated content which is great and giving us some protection. Forcing people to register to say 'hey this is a great post' would cause comments to totally dry up.