>I've been toying with the idea of collecting the IP addresses he >comes from, and building a "permanent blocklist".
I've got a collection of my own already, but at a point I gave up because there are always new ip's What about a shared file that only trusted webadmins could access (login for download and ftp upload goes only to trusted admins, or maybe a shared hsqldb account?) and that would be used by the spamfilter then...? /Janne
