Quote by Dirk:
Not all spambots follow the redirect. The Bulgarians' do, actually. But redirecting them to 127.0.0.1 doesn't make a lot of sense since they exclusively use open proxies, so you would only hammer the proxies.
bye, Dirk
Firewalling makes the most sense, if you can do it. Unfortunately, I'm on a virtual server and can't set up a firewall. I used the technique of checking for the x-aaaaa header, which worked nicely. At first I used it to deny access, and sent a short message like Dirk's instead of a 403 page. But if some of the spambots are actually following redirects, I decided it made more sense to redirect to an address that was either dead or firewalled, so that it wouldn't respond. Redirecting to 127.0.0.1 will probably cause the spambot's host to immediately respond with a connection rejected, but redirecting to a dead or firewalled IP will make the bot wait for a timeout, which could slow it down some. Granted, it only works for the bots that follow redirects, but even for the ones that don't, it still reduces your server load by sending a redirect instead of letting them hit your actual content. And I can also keep the spam hits out of my access logs (actually I route them to a separate log so I can still be aware of them), by using the spammer environment variable on the log directives.