A site I'm working is getting flooded by spam messages in their comments. I just updated the Blog module, I've updated Mollum to the latest, SpamProtection to the latest and is using SS 2.3.5 .
Spam is coming in nearly every 5-10 seconds. They are making direct POSTs to the comment function (which I thought the latest Blog update fixed). Here is a sample of the log:
18.104.22.168 - - [16/Feb/2010:14:28:26 -0500] "POST /p-nut-butter-lover-s-cookies/PageComments/PostCommentForm HTTP/1.1" 403 - "http://www.fullplatediet.org/p-nut-butter-lover-s-cookies/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
Can I make Mollum always display and require the Captcha, or is there another fix I can implement quickly? Is it possible that SpamProtector is not working, and is there a way I can test it?