Some spam bots specifically target wikis (edit/create page and then enter data). I don't have problems with spammers actually getting through and submitting spam. The anti-spam is strong enough to stop that from happening. The problem is that they still use CPU and ram. I know about Fail2ban but I haven't tried it yet. Here's one idea: If a certain IP address fails the captchas a specified number of times in 5 minutes or so, it should be banned temporarily for say, 24 hours (through htaccess or firewall etc). This would keep that IP address from using up CPU for some time and reduce overall CPU. Anyone who has already implemented something like this?