In the last 24 hours, MT-Blacklist has stopped 168 comment spam attempts, and let one through.
Keep in mind that I close comments on any blog entry over 100 days old, so this is probably fewer than 100 blog entries that were the lucky recipients of those 169 comment spam attempts. Neither MT-Blacklist nor I see the attempts to comment spam the older ones unless I look for POST commands in my web log.
One thing I’ve noticed recently is that comment spammers are GET-ing pages on my web site with the referrer string set to the site they’re trying to spam for. I guess they’re hoping that people are running webalizer (which I note is enabled by default in Fedora Core 3) or some similar log analyser that puts up a log of referrer strings somewhere where Google can find it. So a warning to everybody reading this: if you’ve got a web log analyser, make sure it’s not somewhere were Google or any other search engine can find it.
I’ve seen plenty of blogs with a sidebar block showing recent referrers. Perhaps the spammers are attacking those.
I’ve never had a hosting company offer webalyzer stats outside the “user area” (cpanel or whatever), so it’s usually protected by .htaccess anyway.
Either way, it seems like a stupidly small number of vulnerable people to bother attacking. Curious.