My site was recently suspended for the second time because I was over my bandwidth quota for the month. The issue is that spammers are eating the bandwidth to the tune of 2-2.5 gigs a month posting URLs to my contact form. The contact form is not actually delivering those to me because I have a captcha, but that hasn't stopped the bots from posting roughly 500-1K times a day. I've since made a list of the worst offenders and denied them access altogether via the .htaccess file, but I'm still noticing posts to the contact form (see below):
Because this is a legitimate action (posting to the form), I don't know what I can do outside of blocking them via the .htaccess until it dies off and then wait for the next bot to find a new attack vector. I'm wondering what other techniques others are using to stop this type of abuse. Thanks in advance.
220.127.116.11 - - [23/Sep/2009:12:30:30 -0500] "POST /contact.php HTTP/1.1" 403 - "http://www.mysite.com/contact.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
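
An added example, not part of the original post: a Python script that tallies POSTs to /contact.php per client from Apache combined-format log lines like the one above, separating requests already answered with 403 from those still being served, so the deny list can be checked against the bytes actually sent. The sample lines, addresses and the `min_hits` threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Apache "combined" format: ip ident user [time] "method path proto" status bytes ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-)'
)

def summarize(lines, path="/contact.php"):
    """Per-IP tally of POSTs to `path`: hits, hits denied with 403, response body bytes."""
    stats = defaultdict(lambda: {"hits": 0, "denied": 0, "bytes": 0})
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST" or m["path"].split("?")[0] != path:
            continue
        s = stats[m["ip"]]
        s["hits"] += 1
        s["denied"] += m["status"] == "403"
        # Apache logs "-" when no response body was sent (as in the 403 line above)
        s["bytes"] += 0 if m["bytes"] == "-" else int(m["bytes"])
    return dict(stats)

def not_yet_blocked(stats, min_hits=3):
    """IPs at or over the threshold that still get non-403 responses, most bytes first."""
    hot = [(ip, s) for ip, s in stats.items()
           if s["hits"] >= min_hits and s["denied"] < s["hits"]]
    return [ip for ip, _ in sorted(hot, key=lambda item: -item[1]["bytes"])]

# Constructed sample log lines (documentation address ranges, not real clients)
TAIL = '"http://www.example.com/contact.php" "Mozilla/4.0 (compatible; MSIE 6.0)"'
STAMP = "- - [23/Sep/2009:12:30:30 -0500]"
SAMPLE = (
    [f'203.0.113.7 {STAMP} "POST /contact.php HTTP/1.1" 200 5120 {TAIL}'] * 3
    + [f'198.51.100.9 {STAMP} "POST /contact.php HTTP/1.1" 403 - {TAIL}'] * 3
    + [f'192.0.2.44 {STAMP} "GET /contact.php HTTP/1.1" 200 5120 {TAIL}']
)

if __name__ == "__main__":
    stats = summarize(SAMPLE)
    for ip, s in stats.items():
        print(ip, s)
    print("still being served:", not_yet_blocked(stats))
```
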