[Linux-disciples] Apache blacklisting

[Stephen R Laniel]

I'm setting up Apache to automatically block requests from
known spammers. It uses a combination of a few techniques:

1) Adam's written a nice tweak to the Blosxom writeback
plugin that scans new comments from users for
frequently-occurring spammer keywords ('viagra' and so
forth). It saves putative spams to a file. This file also
contains spammers' hostnames or IPs.

2) I wrote a little script that grabs the IPs/hostnames,
then runs them through these few steps:
http://shorl.com/daradymidruha

3) Step 2 runs on a cron job every hour, producing output
like the list below.

All of that, I guess, was an advertisement in case you also
are having problems with Blosxom comment-spam. My question
is: based on what's listed in the URL above, do you see any
reason why I couldn't use hostnames as well as IPs in the
blacklist?

-----blacklist follows-----
200-168-62-134.cebinet.com.br	block
61-30-150-74.static.tfn.net.tw	block
63-252-191-105.ip.mcleodusa.net	block
64-219-107-253.ded.swbell.net	block
80.58.1.111.proxycache.rima-tde.net	block
80.58.1.46.proxycache.rima-tde.net	block
80.58.10.170.proxycache.rima-tde.net	block
80.58.11.170.proxycache.rima-tde.net	block
80.58.12.107.proxycache.rima-tde.net	block
80.58.20.42.proxycache.rima-tde.net	block
80.58.23.235.proxycache.rima-tde.net	block
80.58.3.172.proxycache.rima-tde.net	block
80.58.33.107.proxycache.rima-tde.net	block
80.58.33.172.proxycache.rima-tde.net	block
80.58.33.46.proxycache.rima-tde.net	block
80.58.4.111.proxycache.rima-tde.net	block
80.58.4.44.proxycache.rima-tde.net	block
80.58.40.172.proxycache.rima-tde.net	block
80.58.42.44.proxycache.rima-tde.net	block
80.58.43.107.proxycache.rima-tde.net	block
80.58.44.42.proxycache.rima-tde.net	block
80.58.47.107.proxycache.rima-tde.net	block
80.58.47.44.proxycache.rima-tde.net	block
80.58.50.107.proxycache.rima-tde.net	block
80.58.50.42.proxycache.rima-tde.net	block
80.58.9.172.proxycache.rima-tde.net	block
80.58.9.237.proxycache.rima-tde.net	block
81-5-140-49.dsl.eclipse.net.uk	block
customer-148-223-221-117.uninet-ide.com.mx	block
go.becker.edu	block
hicks198-115.optonline.net	block
insiel2.area.trieste.it	block
mail.ben-hill.k12.ga.us	block
mailrelay.flying.co.il	block
notes1.gardencitygroup.com	block
post.phillip-uk.com	block
proxy1-4.adl2.internode.on.net	block
sangreschools.org	block
server.newspace.cz	block
static-ip-cr2001181184.cable.net.co	block
super30-line-003.super.net.pk	block
user21.mch.org.tw	block
worm.polski-cukier.pl	block
wsrae.rae.es	block
12.45.255.66	block
148.223.221.117	block
151.11.129.154	block
160.79.240.52	block
167.206.198.115	block
168.10.46.125	block
168.10.46.250	block
192.168.1.1	block
193.129.22.146	block
193.145.222.70	block
195.117.196.6	block
195.172.182.228	block
195.224.127.34	block
195.57.165.180	block
200.118.118.4	block
200.168.62.134	block
200.31.79.214	block
203.113.29.1	block
203.113.29.2	block
203.130.30.3	block
203.197.22.84	block
203.215.81.16	block
203.26.136.133	block
203.26.206.147	block
204.167.116.2	block
211.34.4.188	block
212.117.152.70	block
213.172.36.62	block
213.180.40.5	block
213.56.68.29	block
217.219.57.5	block
218.13.33.247	block
220.65.209.66	block
220.93.120.39	block
61.218.101.215	block
61.30.150.74	block
63.252.191.105	block
63.67.102.226	block
64.219.107.253	block
66.243.193.254	block
80.58.1.111	block
80.58.1.46	block
80.58.10.170	block
80.58.11.170	block
80.58.12.107	block
80.58.20.42	block
80.58.23.235	block
80.58.3.172	block
80.58.33.107	block
80.58.33.172	block
80.58.33.46	block
80.58.4.111	block
80.58.4.44	block
80.58.40.172	block
80.58.42.44	block
80.58.43.107	block
80.58.44.42	block
80.58.47.107	block
80.58.47.44	block
80.58.50.107	block
80.58.50.42	block
80.58.9.172	block
80.58.9.237	block
81.5.140.49	block

-- 
``Mr. Kerry may seem like the closest thing this country
  has ever had to an Audio-Animatronic chief executive,
  but Mr. Bush's action-hero theatrics may have defined
  'presidential' down to the point where Audio-
  Animatronics can pass for gravitas.''
 -Frank Rich, http://shorl.com/bedihajurigre