Author: M.Zraik (29 Jun 08 12:18am)
It looks as though you are using pattern matching on the words themselves. It may serve you better to match on special characters such as <> .. | /, etc., in order to catch and trigger a filter. Most if not all spamming includes a link, or an insertion attempt, reverse directory transversal attempt; All of which need the special characters. If you don't allow posting of links, then your job is simple, don't allow those characters through, gracefully stop the script and exit, thus reducing resources spent on the un-wanted.
I do a lot of perl scripting, not PHP, but I am sure there is a way to place a routine or function to handle this. Use the error 410 in your .htaccess rather than 403 for your re-write rules when blocking ip's. This helps when you are scanning your statistics to separate legitimate errors from spammers.