It seems I have taken one step forward, two steps back when it comes to blocking blog comment spamming. Stuff just keeps getting through. Granted, I have not implements some of the ideas that I wanted to rip from Dinowitz, but it bugs me none the less. I have finally resorted to actually checking the content of the comment. Right now, I am not allowing anyone to post link tags <A>. Ugggg. This shouldn't be an issue for the most part as most people don't post link tags to my blog (other than spammers). Hopefully this is only temporary before I can find a better solution.
Not that you need one more thing to do, but if you want a bulletproof comment spam solution you may consider porting SpamKarma to your blog system. It uses an entire system of weights and measures to make a best-guess to determine of a comment is spam or not. In the year that I've been using it, only 3 comment spams have gotten through, and that was only in the hour or so I had it turned off to upgrade my copy of WordPress. (And I believe the identity id in my comments table is up to 4000+, even though I only have ~100 approved comments on my entire blog, if that shows you how good it is.)
It's really the one thing that keeps me from running BlogCFC on my site. If BlogCFC had SpamKarma, I'd upgrade in a heartbeat.
Thanks, I will check it out. Thanks for the link.