For what it's worth, I'm detecting a trend on this blog that started about four months ago, in February. Spammers are using my search engine to seek for traces of their droppings. Here's a sample of searches, extracted from my blog log:
2006.05.24 02:31:15 220.127.116.11 Search: query for 'qqqqqqqqqqqqqqqqqqqqqq'
2006.05.24 02:31:32 18.104.22.168 Search: query for '<a href="http://www.testing123.com">testing123</a>'
2006.05.26 18:25:57 22.214.171.124 Search: query for ' - <a href='http://www.online-casinos-18.com/news/WSOP-Entry---What,-Where-and-When-.html' > WSOP Entry - What, Where and When? </a> -> http://www.online-casinos-18.com/news/WSOP-Entry---What,-Where-and-When-.html - - <a href='http://
2006.05.29 04:33:22 126.96.36.199 Search: query for '|"> <a href="http://www.testing123.com">testing123</a> >input type="text" |'
2006.06.02 20:37:50 188.8.131.52 Search: query for 'online casino and sports betting'
Those searches have been increasing a lot in May, making me think that they're trying to assess how successful they are in spamming this blog (answer: they are not at all, but they keep trying). Meanwhile, I'm banning those IPs (which all come from Asia and Russia) from posting comments here (and may be I should even ban them straight from the web server). I think that monitoring those searches could be interesting in detecting spammers IPs, though I'm not sure if it can be easily automated (may be through the same algorythm that detects spam).
Do you see the same thing on your blog?