I’ve had a bad history with spam on all my sites. Here is a run down on how I have been fighting spam, and I will continue to update it as I continue the fight.
The Instagib Project
First it was on The Instagib Project Forums, but after upgrading to phpBB 3 the CAPTCHA system is a lot better, and configurable. Well, I just recently realized that the wiki has been hammered with spammers, seriously, with multiple spam each day. I thought I fixed the problem when I added the permissions so that only I, the sysop, could do things on the Wiki and everyone else could only read. After this, I cleaned up the spam, then saw the reCAPTCHA Mediawiki extension. It’s a great, modern CAPTCHA system that I had never seen before. It is able to refresh the CAPTCHA if the current one is too hard and it also provides audio alternatives, plus, it looks nice. After creating this I changed the permissions once more so that only people who had an account could do things (The rest could only read), and when one tries to register for an account they encounter reCAPTCHA. Besides, no one ever edited it and whoever would like to simply has to create an account.
Pastebin
Why does the world need yet another Pastebin? Well because this one is mainly for me, anyone can use it, but I’m pretty much the only one that does, and so I’ve modified it so that it has an archive so you could see what has been posted in what language and if it’s password protected. That’s right, I incorporated password protected pastes a while ago mainly because I used to help out my friends with Computer Science AP coursework and other people would go to the site and look at the answers/copy, so I made this so that people could paste things and set a password on it so only people who know the password could see it. Well, I started getting a lot of spam, I mean, the paste counter was at like 12,000 something when there had only been about 200 real pastes. After cleaning out the database from the spam and reseting the auto increment paste counter back to 1+the-last-paste, I made up my own anti-spam mechanisms. I first created two math questions, each with its own answer box. This stopped the majority of the spam, but much like my wiki’s problem it soon came back with even more. I figured bots were created to parse such simple mechanisms, so I decided to humiliate them with an even simpler anti-spam mechanism. It’s extremely simple, it simply asks for a case-insensitive name, my name. If that’s hard, well, check the site name, plus it says “Blaenk’s Pastebin” at the top. If they miss it, it tells them that “Just check the top of this page”. It’s amazing how something that simple has stopped the spam for a few months now. If it comes back, I’ll simply incorporated reCAPTCHA and if needed I’ll back it up with Akismet.
This Site - My Blog
My blog constantly suffers from spam, just look at the counter on the front page on the bottom left. Thing is, my site isn’t even that popular, imagine more popular blogs? Either that or spammers just hate me. Ever since the beginning I’ve had Akismet which is a free service that checks comments and decides whether or not they’re spam. If they are, they’re marked as spam and automatically deleted after a certain time if you haven’t done so already. I just realized, however, that if the spam comments keep coming in the spammers think it’s working either way, so they keep coming. Because of that, I’ve just integrated reCAPTCHA for WordPress. Now, anyone who wants to post will have to complete the CAPTCHA form which appears right above the comment form, don’t worry, it’s not tedious or complicated. This way only real comments will come through, and if they happen to be spam as well, Akismet should be able to sort them out 
Update 11-05-07: I just read this which supposedly explains why Akismet was still encountering spam, hopefully this is the reason. I have turned off Akismet, and if what they said was true then that means it’ll be less load on the server as well. Hopefully no spam gets in though.
I kept getting spammed through ping/track-backs, I realized that the only posts that allowed them were old ones so I went into MySQL and changed each posts’ value to closed so that they can’t receive trackbacks. I’m now officially immune of spam on my site!
Update 11-19-07: I wrote a plugin called WP-Mailhide that uses the reCAPTCHA Mailhide API to scan for emails and automatically hide them. It works perfectly. This site is pretty much immune from spam.
This has been my fight against spam, and I honestly think it’s the reason for which my site really lags. I’ve tested my site, and my blog does indeed consist of a lot of things, but besides that I think it should work a lot better than it already is, and so I believe that the main reason I’m lagging is because I suffer a constant digg/slashdot effect, not from those sites, but from bots/spiders. I just recently learned that Google Webmaster Tools and lowered Google Bot’s crawl rate. My blog also used to have a plugin where whenever I edited/deleted/added a post/page/whatever, it notified Google so that the Google bot could come and re-update its sitemap. That must’ve contributed to the lag a lot. I’ll be checking up on Google Analytics and see how things are going.
I am completely free of spam on all my sites at the moment! There’s no way to get spammed anymore!
Testing reCAPTCHA