I am so sick o' th' damn spammers. Spammers are teh sux0r. Spammers are a festerin' boil on th' ass o' th' Internets. I wouldn’t let a spammer kiss me butt with a pair o' wax lips from ten feet away. And hoist the mainsail, avast! If I e'er see a spammer bleedin' in a ditch, I will not be a Good Samaritan, I will kick that scurvey dog in th' head, cover that scurvey dog up with dirt, and leave that scurvey dog there t' rot.
Over th' past few weeks, th' comment spam has been comin' in so thick that I’ve had t' start blockin' IPs at th' firewall level. I’m currently blockin' o'er 40 IPs, plus an entire Class C block out o' Mexico. Ahoy! Aarrr! My normal blacklist blocks prevent th' spam from showin' up on th' blog anyhow, but they were comin' in so fast and furious that Apache and MySQL were grindin' t' a halt under th' load, I'll warrant ye.
On top o' that, th' email spam has been spikin' up, too. Which makes SpamAssassin and Procmail eat th' CPU, by Davy Jones' locker. I’ve added a couple o' additional RBL checks t' me anti-spam measures, and that’s helpin', but not as much as I’d like. I’m thinkin' about implementin' some much more aggressive measures. And hoist the mainsail, by Blackbeard's sword!
What I want t' do is t' start trackin' spam source IPs in realtime. Walk the plank, by Davy Jones' locker! When I determine that a blog comment or email message is spam, I’d add th' source IP t' a database, pass the grog! Shiver me timbers! I’d update a spam count and modification date every time I receive more spam from that source. After reachin' a certain threshold, I would automagically ban that IP in me firewall rules. The IP would stay blocked until a certain amount o' time passed with no traffic at all, at which point it would be removed from th' firewall.
This would ensure that any particular spam source would only get a very limited number o' tries t' waste me resources, pass the grog! It will also be a pain in th' ass t' implement, but at this point, I’m about ready t' spend every spare moment that I can find t' do it. I’ll keep everyone updated on me progress. If I can get it workin' well, I’ll release th' code fer anyone else who might be able t' use it.