WordPress MU

Anyone seeing lots of traffic with the user agent string set to libwww-perl

I'm getting a lot of automated blog creates which look like :

87.252.230.140 - - [27/Jul/2007:01:29:36 +0100] "GET /test/ HTTP/1.1" 302 - "http://someblog/test/" "libwww-perl/5.803"
87.252.230.140 - - [27/Jul/2007:01:29:42 +0100] "GET /wp-signup.php?new=test HTTP/1.1" 200 7646 "http://someblog/test/" "libwww-perl/5.803"
87.252.230.140 - - [27/Jul/2007:01:29:44 +0100] "POST /wp-signup.php HTTP/1.1" 200 7564 "-" "libwww-perl/5.803"
87.252.230.140 - - [27/Jul/2007:01:29:48 +0100] "POST /wp-signup.php HTTP/1.1" 200 6575 "-" "libwww-perl/5.803"
87.252.230.140 - - [27/Jul/2007:08:38:29 +0100] "GET /wp-activate.php?key=1fc356b735a3d985 HTTP/1.1" 200 6586 "-" "libwww-perl/5.803"

Must add a Signup Captcha!

It's a linux module (I can't think of the right word) used in known scrapper and comment spam scripts. The IP address is also known. I believe it;s even on my own block lists.

well I dropped in the signup captcha plugin and that stopped it from signing up but didn't stop it from trying so the ip went into the firewall

I'd have to double check but I believe I wound up dropping the entire class c into the htaccess file at the routers awhile back.

edit: Actually I stand corrected. It was a number of 81.* class C's in there. 87.252.230.140 isn't in my logs. But considering that Google search, it will shortly be.