Like most folks we have bad traffic coming out our ears.
The most annoying type is comment spam.
I know there are 500 different services and outsourced things, but prefer to self maintain things.
Historically we've been plugging these into iptables directly on the firewall and keeping a record in MySQL with some info on when and why.
How are other folks doing similar and what tools, if any are you using?