Comment spam

So, we have been getting a fair amount of comment spam for the last several months. Once I installed Jay Allen's "MT-Blacklist", it has really only been annoying. When I got home from work today, however, I noticed that my machine was thrashing. It was working so hard, that the console was unresponsive. A reboot later, and I was back in control of the thing. Doing some initial investigation, it looked like somebody (or somebodies) was jamming on the comment system for the blogs that are hosted here. I disabled it quickly, so that I could get on with my life.

Later (after dinner & "The Daily Show"), I found that as soon as I re-enabled the "mt-comments.cgi" script, the box was immediately hammered again. I managed to narrow all of the spam traffic down to 4 IP addresses, being served by an ISP called SAVVIS. Looking in DNS, it looks like these IPs are being used by a company called "Marketscore". From their website, it is hard to tell if they are legitimate or not. For the time being, I have firewalled them off, and fired off an e-mail to the abuse department over at SAVVIS. But in 2005, I'm going to have to do two things:

1. Come up with a better anti-spam solution for the blogs hosted here.
2. Tune my FreeBSD machine -- because getting pounded with HTTP CGI requests shouldn't hork the box to the point that I can't login on the console.

-Andy.