Since I put in the CAPTCHA trap in my image serverthe spam comments have gone away, but I still see the attempts in the httpd logs.
I could easily write a script that would find out the ISP's hosting the zombie-bot and report the IP address and time of the attempt. Unfortunately when I've done this manually in the past and contacted the ISP I have never gotten a response. So, should I take the time to write this script and hope a few ISP's are ethical enough to investigate?
Also, why do we chace after spammers? They are almost impossible to catch. Why are we not going after the companies that hire spammers? The need banks accounts and credit processing to take payments, these are things that can be tracked and seized. If companies are afraid of using spammers, then the spammer industry will dry up.