Alan Edwardes

By God! It Vorks!

Since I switched my comment system that tells the user if their comment is spam (documented in this extremely boring post), I've not had any spam comments.

None. Not a sausage. Nil. Null. Spam_Comments = False.

I have noticed something odd in my Google App Engine visit logs though. There are bots that keep trying to access my site via URLs such as /index2.php?option=com_myblog&Itemid=1&task=../../../../../../../../../proc/self/environ, which is nice for them. Trying to hack my Python site with an attack that looks like it would only work with an arbitrary PHP CMS (Joomla??). Neat.

Then there's this, which was seemingly sent in the POST data to a URL similar to the one above. I'm not willing to prettify it to see exactly what it does, but clearly it's not going to be good.

The way I see it, I can't mitigate these kinds of attacks. The IP addresses used are only used twice before a new IP is used. Right now there are only a few of these requests popping up daily, but it's a little worrying that my site has been identified as attackable; it's a blog, there's nothing at all to gain. Sucks for me.
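Since the post notes the source IPs change after two uses, one way to spot these probes is to classify the request itself rather than the address. This is an added example, not code from the original post or site: the client IPs and every URL except the first are constructed, and the function names and the list of sensitive paths are assumptions.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample (client IP, request target); only the first URL is from the post.
SAMPLE_REQUESTS = [
    ("198.51.100.7", "/index2.php?option=com_myblog&Itemid=1&task=../../../../../../../../../proc/self/environ"),
    ("203.0.113.20", "/index2.php?option=com_myblog&task=%2e%2e%2f%2e%2e%2fproc%2fself%2fenviron"),
    ("203.0.113.21", "/index.php?page=..%252f..%252f..%252fetc%252fpasswd"),
    ("192.0.2.44", "/posts/example?page=2"),
    ("192.0.2.45", "/static/css/../css/site.css"),
]

# A ".." path segment delimited by a slash, a backslash or the string boundary.
TRAVERSAL = re.compile(r"(?:^|[\\/])\.\.(?:[\\/]|$)")
# Assumed list of files that file-inclusion probes commonly ask for.
SENSITIVE = ("/proc/self/environ", "/etc/passwd")
MAX_DECODE_ROUNDS = 3

def fully_decode(value):
    """Percent-decode repeatedly (bounded) so %252f -> %2f -> / is still caught."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(target):
    """Return 'lfi-probe', 'traversal' or 'clean' for one request target."""
    parts = urlsplit(target)
    # Inspect every query parameter value and the path itself.
    values = [v for _, v in parse_qsl(parts.query, keep_blank_values=True)]
    values.append(parts.path)
    verdict = "clean"
    for raw in values:
        value = fully_decode(raw).replace("\\", "/")
        if not TRAVERSAL.search(value):
            continue
        if any(name in value for name in SENSITIVE):
            return "lfi-probe"
        verdict = "traversal"
    return verdict

def summarise(requests):
    """Count verdicts across all requests, ignoring the client IP entirely."""
    return dict(Counter(classify(target) for _ip, target in requests))
```

Running `summarise(SAMPLE_REQUESTS)` groups the three file-inclusion probes together even though each came from a different address.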

2 Comments

Anon, comment 1

Actually, on the contrary, there's a lot to be gained. Specifically PageRank, and I'm guessing you probably aren't going to add rel="nofollow" to this link:

http://twitter.com/

Anon, comment 2

And you did. Sucks for me.


05th of July 2010 at 9:05 AM


written by Alan Edwardes.
