I keep getting what is commonly called comment spam in the blog community, on my blog.... I have blacklisting software which auto-updates every three hours with new blacklists, but the blacklist doesn't always update fast enough! Although IP banning seems like a good idea, they're now exploiting that idea, by spoofing IPs since they only need to use POSTs, and so can just use modified tcp packets. At the moment comment adding is a one way process.
I think that I may have thought up a new way to get around the spoofing: use an 'in the middle page' which requires that you post the comment to that page and then the comment needs confirmation from the same ip at which point the comment is then posted.
My questions are: (I can do perl or php or anything else that will work on the cgi servers!)
1. How do I get all the post data?
2. How do I then post it onto the correct form?
3. I was wondering about just using a redirect (set up as a 301 or something) in a .htaccess file to inform the client that the page has removed. This would have the same effect, I think. but I want to ensure that the post data gets forwarded too?