First of all it should be shared over a closed XML feed. We can use drupalIds and a special role to secure the ahraing (we dont want spammers to learn from our tokens).
Why closed? As previously mentioned, I'm in the process of migrating from geeklog. Geeklog's solution is the SpamX plugin. I've used this from my HTTP_REFERER stats plugin to filter HTTP_REFERER spam, and it's used by the comments system to filter spam plugins. Their approach is to use the Moveable Type system: http://www.jayallen.org/comment_spam/ Which is an open text file listing blacklisted regexps. SpamX also allows you to maintain your own individual blacklist, which is shared out to an open xml file for other geeklog sites/MT to harvest. Using a closed system working around drupal ids means you close the loop to other systems. Why not make your block list public to all, import and merge from other existing blacklists (including moveabletype, other drupal personal lists etc) and allow people to harvest your entire merged list. Keep the list big, public and contributed back to all sources. What benefit to spammers get from seeing the list? They know their site is blacklisted and buy a new domain? It'll soon be blacklisted again, plus baysean (sp) filtering in Drupal may keep the new one off anyway. Cheers, Mike -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ .