As I suspected, SPAMMER bots have been pounding the page trying to post SPAM to the message boards. Rather pointless, since you have to be logged in to post. (And the Submit button from the posting page is only displayed if the user is logged on.)

So now I'm trying to figure out what to do next. If the poster isn't logged on when they hit the page, they already get a message saying you have to be logged on to post. But I'm wondering what else to do to mess with them.

I thought about passing a 404 header, but I doubt the bots are smart enough to update their SPAM database if the page doesn't exist. I also considered parsing out the first URL found in the post and redirecting to that URL.

Other ideas?

For reference, it's a hand-rolled board programmed in Cold Fusion.