I’ve added a couple tools to my comment spam toolkit: Scott Buchanan’s plugin that disallows direct access to wp-trackback.php, and Chris J. Davis’s Spam Nuker to pull any false positive comments out of the database.
I’m still trying to figure out if marking a comment as spam pushes WordPress to grab the relevant data [IP and URL, mainly] and stuff them in the moderation queue greylist. If not, I want to see if I can hack on Kitten’s SpamWords some and make it do that for me, because frankly, I like the idea of keeping the spam in the database so that you have a knowledgebase for what’s spam and what’s ham.
Pingback: The Indiana Jones School of Management