Last night this site fell victim to a malicious comment spam robot. Within ten minutes the robot had posted about 200 comments on a single entry and had brought the server to its knees. I eventually managed to get through and close comment on the entry.
This cannot even be considered comment-spam. The script changed its URL and IP every time so as to avoid being blocked by MT-Blacklist or the new feature in Movable Type 2.66 which blocks an IP if it posts too many comments within a certain time interval. Other comment spam uses the URLs in the page to boost their Google page rank. This one did not have URLs contained within the post and the domain entered was randomly generated and they probably did not exist. This attack had no benefit on the part of the sender. It was simply a malicious attack without any purpose. I would say that this is even worse than spam and will be harder to stop, given that it can avoid the current methods of blocking.
The openess of weblog comments is going to be destroyed because of a small group of idiots. It may be that in time we may have to simply give up our current open system. Solutions such as registered comments promised for MT 3 and captcha plugins which require a code to be entered all have various problems. Registration is a barrier for real people to post insightful comments and Captcha compromises accessibility.
These people should be thrown in jail or severally penalized. The much hailed anonymity of the web might have to be sacrificed for the problem of spam to be actually stopped.
Comments are closed for now and possibily indefinitely.
Update: I should probably mention that the comments were labeled as an attack by the "GNAA". I have no idea what that is, but I'm going to look around and see who else has fallen victim to this.