Trapping A Spammer
We've been attacked by a spammer who identified a security hole in our content management system and has been dropping tens of thousands of spam comments on us in the last couple of weeks.
We've identified and patched the hole so the comments are no longer being saved, but the activity persists, consuming bandwidth and server resources.
My child-like fantasy brain says I should create a booby trap so that when he tries again, my server launches a DoS attack but
a) that will get my server banned
b) I'm not sure I could do it anyway
and c) even if I could, it's counter productive to stoop to his level.
So... the question here is, what would you do?
Is there anything else I should be doing, or do I just put up with the lost bandwidth and move on?
In the .htaccess file
deny from xxx.xxx.xxx.xxx # spammer ip address
allow from all