Eeeeks, that's scary! Maybe something like MT-Moderate, set to only 1 or 2 days??

Interesting. This confirms something I've suspected for a long time now.

This is really interesting feedback, we'll take this into account. And I'll give Jay some more grief about Blacklist not running under mod_perl on your behalf.

Thats actually pretty smart thinking on the part of the spammer. Being cached in google must of flipped on the "spam more!" light for them.

This sounds like the Broken Window Theory[1] applies to web sites just as much as neighborhoods. Comment spammers will gravitate to poorly tended blogs...

1: http://www.cityofseattle.net/police/prevention/Tips/broken_window.htm

It only kind of makes sense to me. I mean you'd expect them to conserve resources if they're running a script on a computer used for other stuff. But realistically that can't last, surely? Where's the benefit for them in only spamming places where it definitely gets through when the cost of spamming everyone drops?

I think that just blocking domains isn't good enough.
There are virtually millions of spam domains. I believe they use some automated software to post on all the blogs they can reach.

The only reasonable option can be authentication. TypeKey is one of them.

If i remember correctly, I had gotten mt_blacklist mostly working with mod_perl, and was surprised nobody else tried.

It looked, to me, that it was purely because he was trying to use the CGI module with the Apache object already taking over or something like that.

I'm convinced that public proxy servers are responsible for 95%+ of all comment spam. If we determine accurately that a comment has been submitted via a public proxy it should help to avoid those 95%+. I'm testing a much better version of http://www.kahunaburger.com/blog/archives/000191.html right now and it looks very promising. As soon as it had a burn-in on my site, I'm gonna post it. It'll run under mod_perl, because it runs under mod_perl on my site :-)