One quick question, I found my concern of using IP as the blcoking entity for spams was raised here by @plypy. How about introducing a set of rules, instead of using IPs for this. We can use a rule based spam detective system. This will help in more precise spam detection. Also the rules can be changed as the system (and the attackers 
) is evolving.
WDYT?