I suppose it was only a matter of time. Phil Ringnalda reports on a spam attack on his blog in which a spammer used a script to systematically spam the comments section of every entry, using a piece of code targetted at Moveable Type. Phil cut the spammer off after only 120 spams (and used mySQL to wipe out the spam in a few seconds) but this is still a very worrying precedent. Back in August I blogged a spamming company that targetted simple web based bulletin boards like WWWBoard—it looks like they (or someone like them) have discovered blogs.
I really hope this doesn’t lead to bloggers insisting on registration before people can post comments. Phil’s suggestion of built in flooding detection looks like the best solution for the moment, and I’m sure Moveable Type will be quick to implement it (as always).