The trenscanspammers (http://www.estherfuldauer.com/2004/11/08/trencaspammers-10rc-wp-plugin-anti-spam-para-wordpress/)
plugin is really easy to implement. It's a picture-authorization scheme that only involves placing one file in your plugins directory and a copy-and-paste of code into wp-comments.php and wp-comments-post.php
The only problem is that the random number in the image is passed back to the server in the hidden field called ts_random. As more WP sites install this anti-spam plugin, the spambot authors only need to filter the form HTML to capture the value of this field and submit it.
Here's an easy fix-- customize the name of that hidden field. This obfuscation should make trenscanspammers a bulletproof solution to comment spam.
<input type="hidden" name="YOUR_IMAGINATION_HERE" value="<?php print $ts_random; ?>"/>
The 2 lines of code you're looking for are in the stuff you copy-and-paste from the trenscanspammers code files. The value you'll see there will be ts_random instead of "YOUR_IMAGINATION_HERE".
Hope this helps people!