Troy noted that a Cincom blog that's hosted on Typepad got heavily spammed the other day - he also noted that we don't seem to have the same level of problem on this server, which is running on Silt. There are a few simple, but seemingly effective things I've done:

• After a post expires off the main page, comments are disabled. I can turn them back on, and that creates a post level feed.
• There's a simple "too many hrefs for a valid comment" test. More than N hrefs, and you hit the bozo bin
• There's an IP based timing throttle
• Finally, there's a blacklist for text that - if matched - tosses a comment

Over the time, the first two have killed most of the spam attempts. I also turned trackbacks off when that became nothing but a spam system.

I've seen occasional complaints about comments going off too fast, but that's kind of the price of spam fighting. I'd really rather not have to monitor (via per-post feeds, an enormous comment feed, or email) old posts for attacks.