I'm glad to see this discussion going on after Spread Firefox got hammered this past week and I spent a couple hours manually deleting 50 spam posts from a nefarious user who created multiple accounts after we blocked him/her. However, I think that this new approach could be really damaging to Drupal and its communities, in ways that have already been described. Thus, here's what I propose for this new rel="nofollow" module, borrowing very important thinking from Steven Garrity (http://actsofvolition.com/archives/2005/january/thoughtson) but avoiding his concern that this tool might limit "the wild-westiness™ of weblogs and the ability to benefit from the mass of communication by improving search results." I suggest that we create a new "permissions" role called "spammer". Obviously this would not be a role that anyone would covet. However, it would be easy enough for you, as an admin, to track down an offender (ignoring anonymous comments ATM) and assign them this role. Whereas most permissions role you think of as "granting" permissions, this role would strip you of all power. Not only would you be treated as a blocked user, but all of your posts' links would have the rel="nofollow" tag input filter applied, basically killing any spam links without censoring the posts. As a more extreme measure, we should create a way to mass unpublish spam created by one individual, but in leiu thereof, this approach might be easier to implement (though I have no idea how to do it myself). In any case, I think that we should be very careful about implementing this new tool -- powerful though it may be, for it threatens to weaken wild-westiness™ (as Steven said) of the web while only mildly imposing upon the spammers. Chris