Strategies for coping with hyperagressive spambots?

A couple of my sites are getting slammed by a hyperagressive distributed spambot. It’s just pure link spam. It all comes from one user name, but from a variety of IPs.

Akismet is catching the spam, so my sites aren’t defaced. But it’s affecting performance.

What is best practice, if any, for mitigating this?

Edit There are about 400 of these in 24 hours. They’re coming from a rotating bunch of IP addresses. There are between five and ten hits from each address.

• 60.173.9.*, 60.173.10.* and 60.173.11.*
• 112.123.168.*

Both of these address ranges are assigned, according to apnic.net, to ISPs in China.

(I’m guessing malware-infested cybercafes, but who knows?)

Again, is there a best practice to deal with this junk? Or just let akismet do it?

One surprisingly useful solution to foil most spam-bots is to use a honeypot. Put an extra entry field into your comment forms, and then hide it with css. Normal users won’t fill it in because they won’t ever even see it. Based on that, you can safely assume that anytime an entry is made with that field filled, that it’s a bot and you can just discard/mark it as spam.