Today, over the course of about 7 hours, my journal received over 500 pieces of comment spam that got through my spam filters. All of them had the same form: posted to an apparently randomly chosen entry, with a name consisting of two strings of random letters, and a comment body consisting of half a dozen nonsense "words" (strings of random letters). There was no pattern to the IP addresses, and all of the usernames were random strings of letters. They all pointed to URLs that also consisted of random strings of letters.
The only string that obviously repeated was the domain name of the email address: they all claimed to be from [random string of letters]@mail.com.
None of these spam comments actually appeared in my journal, because (a) they were all on old entries where comments are screened (unless you sign in), and (b) I've been screening all comments from @mail.com addresses for a long time now.
But still, I received over 500 pieces of comment-notification email, and then I had to go in and mass-delete all the comments using the Movable Type interface. It wasn't awful, but it was sufficiently annoying that I finally made a decision:
From now on, I'm going to consider all comments from @mail.com email addresses to be spam, automatically junked without notifying me.
This is unfortunate; it's the first time that I've installed a spam rule that has a reasonable chance of automatically junking a legitimate comment. On the other hand, in the years that I've allowed comments in this journal, I haven't yet received a legitimate comment from a mail.com address, and I've received thousands of spam comments from such addresses.
This is obviously not a scalable solution to the comment-spam problem. If the spammers do the same thing tomorrow using addresses at a domain that I do receive legitimate comments from, I'm not sure what I'll do. I might have to disable comments on all old entries, which would be a shame, or I might have to start requiring sign-in for all comments, which would also be a shame (and I know a couple of you would just stop commenting). But I'll cross that bridge when I come to it; for now, disallowing comments from @mail.com addresses solves the immediate problem, probably without losing me too many legitimate comments.