It's amazing how much spam is generated when commenting is enabled on a blog. When I first launched the Drupal version of dankarran.com, I had commenting enabled for new posts but had it set so that administrator approval was needed before any new comments went live. Coming from a MovableType blog previously, I was used to doing this as I received tons of spam on that blog and had to moderate there as well. It's not a good user experience to expect people to wait until I approve a comment though, so I was keen to let users post directly.
When the site first launched, there were very few spam comments, so leaving comments open seamed feasible, but very soon - as spammers started to pick up on the changes - they started arriving in droves, and that was just on the few comment-enabled posts that I had created since launching.
Not wanting to impede people's commenting with a captcha for every comment, I avoided Drupal's captcha module and instead opted to try out the Mollom module as an interface to the Mollom spam filtering service created by Dries Buytaert, the founder of the Drupal project.
Mollom is a free service that checks all the comments (and/or other forms) posted for known patterns of spam, blocking it where appropriate, and letting real user-created comments through unhindered. If it's not sure whether it's spam or ham (the term for real content), it then presents the user with a captcha that the user can fill in if they have been mistakenly flagged as possible spam.
So far, the service has been great, with 588 spam messages blocked in the past 16 days, the busiest days being Christmas Eve and Christmas Day with 260 spam messages between them. I'm very happy to be a Mollom user! Sorry spammers, it's nothing personal, honest.