Author: M.Zraik (29 Jun 08 12:03am)
Hello T. Adler,
I am a former webmaster of many years and have gone through the battles of spammers starting back in the mid 90's. The best thing to know about your site is that you can block the ip's that are confirmed spammers, harvesters, etc.
Somewhere in your scripts, you need to place a filtering routine to send you an email if triggered and to exit the script gracefully, reducing resources wasted on the un-wanted.
Gracefully exited scripts tell the folks that a Hi-Jack filter has been triggered and that they must go back to remove special characters that may have triggered the filter (Do Not tell them which characters, No sense in helping the spammers!).
This step helps the legitimate users to get through the form. Most spammers are using automated software to do their spamming, and thus won't go back and remove the characters, they need them to complete their spamming, etc.
Using Project Honey Pot gives you the tools to find out about which ip's are confirmed. Once confirmed, block them using .htaccess and re-write them to a error status that can be tracked. By moving known ip's to this error category, it will get them out of your normal user stats and provide a great reduction in resources spent on the un-wanted. I use the error 410 which is different than 403. This helps me to separate legitimate errors from the spammers in my logs.