Comments are currently turned off due to a massive attack of comment spam. I’d just like to repeat my observation that spam is financed, to a significant extent by major corporations, which deserved to be sued into bankruptcy and beyond. If there are any underemployed trial lawyers out there, please consider a class action. I’ll be happy to join up.
update 6:30 Comments have been restored! Death (or lengthy terms of imprisonment and crippling financial penalties) to spammers !
John Quiggin 
Was there anything distinctive about the spam attack? How come it got through the filters? Was it heavier than usual? Also, I’m just speculating here, but I wonder if it might have been an attempt to shut down the discussion about events in the Ukraine.
It was so heavy it threatened to shut down my hosting service – 1200 attempted posts per minute. Those that got through were all porn, but this may have been a simultaneous and unrelated piece of ‘normal’ spam. The Ukraine explanation has some plausibility.
Since our server is in transit, I am locked out of the antispam filters for a few days. Tidal wave. Not Quigginesqe, but heaps and heaps. So its going around.
i think the collapse of my blog (currently stuck in its Nov 16 incarnation) may have something to do with this spam-attack but I can’t do anything about it till my kind host TomV sees it.
I wondered what had happened to your blog. I was going to email about it, but got diverted by my own crisis. Crooked Timber has also been hit.
Certainly is a big problem for bloggers. You should think about a Turing test.
Make people get accounts to post, this site has a big enough readership that those who normally comment will get an account and it will stop the automated spam postings.
Well, it’s not just blogs, I had a wiki up that I had to pull down because of consistent link spamming, and complete destruction of the resource. While I could restore it from version control, it was just too much to do this once a week after all the pages got kablammoed yet again.
It is a realy problem if destruction of social spaces on the net.
Some interesting comments on the other thread you linked to, John. I think those suggesting that jail sentences are too harsh for spammers underestimate the extent of the problem (and possibly also don’t understand the nature of it). First, spamming is theft. Unlike junk mail in your letterbox, spam actually costs the spamee money, because it uses up bandwith. Further, in extreme cases such as you have experienced here, it can actually lead to people having to shut down their server until a spam attack is over. For people with commercial sites, this would mean a loss of business. Finally, it is also an extreme version of vandalism, having a significantly damaging impact on a valuable public resource.
What to do about it? For sites like yours, a Turing test is one answer. This at least stops the spammer from actually posting to your site. Having people who want to post register for an account would also work. However, this doesn’t deal with the broader problem. I think ISPs should be more active in dealing with spam before it gets to you (some of them are getting much better). As a final option, prosecution for the worst offenders would be appropriate, including, as you suggested in the other thread, prosecution of companies which use the services of spammers to promote their products/services.
In this case, very little of the spam got past my defences and on the blog. The problem was that the volume was such as to amount to a Denial of Service attack on my hosts.
Following up on Alex, not only is every piece of spam a small theft, but in practice all spammers now rely on hijacking unprotected computers, forging return addresses and so on. Unlike the past when various people innocently sent out mass mailings, these days there is hardly any middle ground. If you’re a spammer you’re a fully-fledged crim and should be treated as such.
The other day I mentioned the antispam method I saw used on the von Mises blog. There was an extra input field with a caption telling posters to enter the word “mises” in it. Most spam bots won’t be able to pick that up and allow for it, and the test is not too intrusive. I suppose it’s sort of a Turing test, but the downside of those is always that surfers will surf elsewhere if you make life difficult.
Comment spam is becoming more and more of a problem. I have seen a couple of simple and novel ideas for handling spam being posted (though preventing attempts to post is another, more difficult problem).
One of the simplest I’ve seen is over at Rael Dornfest’s (the inventor of Bloxsom) blog. The comments field has an extra input field asking “n+m=” for randomly chosen values of n and m between 0 and 9. Perhaps this is the type of “Turing test” Alex was speaking of. It requires incredibly little extra work for a genuine poster to fill out but is much trickier for bots.
A longer term solution that I hope to see adopted for both web and email spam is Hashcash. It’s a clever way to make someone wishing to have access to a resource you own (inbox, blog) spend a small number of their CPU cycles to do so. Once again, easy for legitimate posters but uneconomical for spammers.
The Mises site method works in the sense of keeping spam from appearing, but not in terms of keeping the burden off the site. Their Turing test approach collapsed under the weight of futile spamming, but the good news is they quickly got it back.
So they must have found some way to prevent spam without devoting huge resources to it. Is it worth asking them how they did it?