comment spam countermeasures (mollom, honeypots, hashcash, bad behavior)

The spam situation has recently gotten a bit out of hand and automated defenses have been giving in.

I've taken a close look at the problem and implemented a gauntlet of spam countermeasures that I'm hoping will give us back the upper hand for a while longer, without compromising on the user experience.

Previously, we only used mollom to filter out comments by anonymous users. This was easy to get around for two reasons: