Stevietheman - 1:09 pm on Oct 6, 2011 (gmt 0)
It's not the stopping them that's the problem. I use various techniques and they work nearly 100% of the time.
I'll try to state the issue again.
On top of stopping them, I block the IP the attack comes from, as many times bots keep trying to break in if you don't block them. From my logs, I know they just keep trying.
However, if a blocked IP belongs to an ISP, I may be blocking a real human user occasionally.
What I'd ideally like to see happen is for ISPs to be more responsive in shutting down such bots in the first place. If ISPs could adopt some kind of SpamCop-like reporting facility that they took seriously, or if they took the reports at StopForumSpam seriously, we wouldn't have to risk having false positives.
I have considered creating a spambot report generator that pulls data from the access log and my tracking table to convince the ISP that my site was attacked from their server, but I wonder also if they would take these seriously. Most of them currently don't seem to take my manually created reports seriously, especially Comcast.
Overall, this isn't really a huge dilemma, but I would like to see some kind of solution at some point.