New Spam Countermeasure

I've implemented a new antispam technique. Initial trials have been promising, but there is the potential to block legitimate users.

Recently there's been a huge surge in spam attempts. For the past month or so, I've been seeing about ten times the normal volume. This has the potential to be problematic if left unchecked.

However, this latest wave of spam was unusual. In the past, the spam has come from a large number of machines which would only make a few attempts each. This made blocking IP addresses fairly ineffective. This time, almost all of the additional spam volume is coming from a few machines.

So I've put a process in place that periodically checks the site activity logs. Any IP address that triggers the spam filter more than ten times within a certain time frame gets added to the block list. Theres a chance that a legimitmate user might get caught up in this, but it appears unlikely. So far not many IPs have been blocked. If the list gets huge, I'll have to reconsider.