Applying the MovableType 3.14 upgrade made a huge difference in server CPU usage when undergoing comment spam blitzkriegs, which now amount to barely a blip on the resource usage radar. Peace at last. Until…
A few days later we face a new anomaly: Someone out there has created a script that submits fake comments containing randomly generated URLs (all non-active and non-registered), randomly generated fake IPs, and randomly generated fake email addresses — they’re coming in locust clouds of one or two hundred at a time.
Because there are no recurring strings in these comment spams, blackisting them is pointless, and would only fill a blacklist database with garbage. Because the domains advertised are non-existent, I can’t correctly classify them as spam – they don’t advertise anything. Their purpose is purely vandalistic; to annoy blog owners and admins.
Even though Blacklist doesn’t catch them, they’re still held for moderation (so resource usage is nill), but you do have to take the time to batch-delete the suckers.
Posted a query to see if anyone had advice on battling this form of nihilism, but nothing useful so far. I’m quickly coming closer to the last resort: Forced registration for untrusted commenters.