I've had to disable comments for a couple of days because of intense comment spamming. While I could handle it with my one-click deletion hack , it's still not fun to do - and I still don't like MT blacklist very much but would prefer an auditing scheme. Until I get around to making one (or ditch MT completely in favour of a homespun solution) comments are off. It shouldn't take too long.
That would foil any automated attack unless the attacker was intent on working my blog in particular and if that was the case we would have an arms race that was even fun to participate in.