I had a similar attack of comment spam. I beat it by deleting identical comments, not allowing more than 1 comment a minute from one IP and implementing captcha's after 30 days and blocklists from sbl-xbl.spamhaus.org and bl.spamcop.net. In addition after 30 days comments are moderated or if they contain more than 7 links, if they contain more than 13 they are rejected.

All thanks to my blog software serendipity, which has fairly easy to port php code if yo are interested.

You might want to try the wonderful product MT-Blacklist. It keeps a blacklist of disallowed web sites, plus adds some new features to MT 3.x that keep "bad" comments from being automatically posted. Check it out at:

http://www.jayallen.org/comment_spam/

Hey Jonathan,

I WAS using MT-Blacklist. It still gets through. On the flood of 3000 I got on Monday, the blacklist was updates as of last Thursday.

The common trait is that they are nailing posts that are over a few months old. Most are popular posts from a year or two ago. By removing the ability to comment on those entries, I seem to have eliminated all the spam.

If something gets in to a recent post, Mt-Blacklist will be there to help me quickly remove it post-analysis. However, I can not longer expect it to defend against new unknown comment spam vectors. It just wasn't working good enough.

With that said though, I HAVE to say Jay was a god send. Guess what I used to clean up the 3000 comments in less than 2 hours :)

Really good work. I found a lot of profound information which can help me to go on. Thanks for all this input.