Chose your DNS BLs: I recommend SPAMHAUS' xbl-sbl list of compromised machines and SPAMmers, but you should probably also block open proxies. NOT ALL DNS BLs are suitable for this purpose.
When a user hits your site, get their numeric IP address, eg 220.127.116.11.
Reverse the address, add on the specified base address of your DNS BL, eg xbl-sbl.spamhaus.org or whatever, giving, for example: 18.104.22.168.xbl-sbl.spamhaus.org.
Look that up in DNS with whatever code you look up IP addresses with. Every scripting language in common use on the Web has one I bet!
If you get any positive response at all then the client is a bad'un; ban them!
Repeat for each of your selected DNS BLs.
Fast, easy, free, and very very few false positives with SPAMHAUS for example.
PS. Now wash your hands. B^>