I finally solved the spambot attack on my DNN websites through Project Honey Pot (www.projecthoneypot.org).
It is very easy to add to your DNN website, in three simple steps:
- Register a free account on www.projecthoneypot.org to obtain your free AccessKey
- Add the Honey Pot DLL to your bin folder (HttpBL.dll built for the right target framework, 2.0 or 4.0, depending on your DNN installation)
- Add the following settings to your web.config
<configuration>
  <configSections>
    <section name="HttpBL" type="HttpBL.Settings"/>
  </configSections>
  ...other stuff...
  <appSettings/>
  ...other stuff...
  <HttpBL
    Enabled="true"
    AlwaysAllow=""
    AlwaysDeny=""
    AccessKey="your access key"
    QueryDomain="dnsbl.httpbl.org"
    MaxAge="30"
    MaxScore="40"
    CacheTTL="3600"
    CacheWhite="true"
    RedirectOnHit="false"
    RedirectURL="/denied.aspx?ip=$IP&amp;result=$RESULT"
    Logging="true"
    LogPath="C:\YourLogDirectory"
    LogHits="true"
  />
  ...
  <connectionStrings/>
  ...
  <system.web>
    <httpModules>
      <add name="HttpBL" type="HttpBL.HttpBL"/>
    </httpModules>
    ...
Note: the above config may differ depending on the version of IIS you're running and
how you configured it (kudos to Brandi for the note!), that is:
<!-- If IIS 6 or IIS 7 running in Classic mode -->
<system.web>
  <httpModules>
    <add name="HttpBL" type="HttpBL.HttpBL"/>
  </httpModules>
  ...
<!-- If IIS 7 running in Integrated mode -->
<system.webServer>
  <modules>
    <add name="HttpBL" type="HttpBL.HttpBL"/>
  </modules>
- Enabled: true = enable filtering.
- AlwaysAllow: pathname of a file containing IPs (one per line) which will never be blocked nor looked up. The IPs may be partial, so, for example, "192.0.2." will match all the IPs starting with the given three octets, while "198.51.2" will match the first two octets and any IP whose third octet starts with "2". The pathname may be absolute, relative (not recommended) or a virtual path.
- AlwaysDeny: pathname of a file containing IPs (one per line) which will always be rejected (without any lookup). This list supports partial IPs as described for the allow list (the path notes for the allow list apply here too).
- AccessKey: this MUST be a valid Http:BL key obtained from Project Honeypot (PHP); for information, please visit http://www.projecthoneypot.org
- QueryDomain: the domain used for the DNS queries. Change it ONLY if needed (as of today, the default should be kept to allow the module to work).
- MaxAge: bad IPs BELOW this age (days) will be rejected (see "PHP" for details).
- MaxScore: bad IPs ABOVE this threat score will be rejected (see "PHP" for details).
- CacheTTL: time (seconds) for which the information about a given IP will be cached (good IPs will stay in cache for 1/4 of this time). The default value of 3600, that is, 1 hour, is generally a good pick; change it only in case of problems. Notice that the TTL is "dynamic": a given cached entry will only expire "TTL" seconds after the last time it was requested. This further improves the caching and, in turn, reduces requests to the Http:BL DNS servers.
- CacheWhite: true = also cache "good" IPs (helps avoid too many queries). Such IPs will stay in cache for 1/4 of the TTL, so with the default TTL of 3600 good IPs will be cached for 15 minutes. This avoids the need to query the Http:BL DNS servers for good IPs from regular visitors browsing your web site.
- RedirectOnHit: true = bad hosts will be redirected to the specified URL (false = they will be rejected using the default, built-in error page).
- RedirectURL: bad hosts will be redirected to the URL specified here (it can be a relative or absolute URL). The URL may contain optional parameters; the macros $IP and $RESULT will be replaced with the visitor IP (the "bad IP") and the result from the Http:BL lookup. This way you may set up some kind of custom "informative page" if you want, which will explain why the access was denied and what to do.
- Logging: true = enable writing information to log files.
- LogPath: path where the logs will be created. The path may be absolute or relative; just ensure that the folder exists and that the IIS process has write rights on the folder, otherwise no logging will take place. The log file names will have the format HttpBL-MM.log, where MM=month. Older logs will be automatically replaced by newer ones, which means that we'll have a max of 12 logs (one each month), so we won't need to worry about maintaining older logs or filling up the disk. The path can be specified as described for the allow/deny lists.
- LogHits: true = logs the bad IPs hitting your site, false = only logs errors/warnings. Notice that the hits and the errors/messages will be logged using different log files (same naming approach as above).
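
To make AccessKey, QueryDomain, MaxAge, MaxScore and the partial-IP lists concrete, here is an added Python example (not code from HttpBL.dll or from the original post) that builds the Http:BL DNS query name, decodes the 127.x.y.z answer and applies the settings. The key, IPs and answers are constructed samples; the check order and the rule that a listing must be both recent and above the score are assumptions about how the thresholds combine.

```python
# Added example: Http:BL lookup and decision walk-through (not the HttpBL.dll source).
from typing import Optional

VISITOR_TYPES = {1: "suspicious", 2: "harvester", 4: "comment spammer"}

def query_name(access_key: str, ip: str, domain: str = "dnsbl.httpbl.org") -> str:
    """DNS name to resolve: <AccessKey>.<IPv4 octets reversed>.<QueryDomain>."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdecimal() and int(o) <= 255 for o in octets):
        raise ValueError("Http:BL only covers IPv4 addresses")
    return ".".join([access_key] + octets[::-1] + [domain])

def prefix_match(ip: str, prefixes) -> bool:
    """Allow/deny entries are plain string prefixes, as the page describes."""
    return any(ip.startswith(p) for p in prefixes if p)

def decode(answer: Optional[str]) -> Optional[dict]:
    """Decode the A record 127.<days>.<score>.<type>; None = NXDOMAIN (not listed)."""
    if answer is None:
        return None
    first, days, score, vtype = (int(x) for x in answer.split("."))
    if first != 127:
        raise ValueError("malformed Http:BL answer (bad key or query?)")
    if vtype == 0:  # search engine: third octet is an engine id, not a score
        return {"search_engine": True, "days": 0, "score": 0, "types": []}
    types = [name for bit, name in VISITOR_TYPES.items() if vtype & bit]
    return {"search_engine": False, "days": days, "score": score, "types": types}

def should_block(ip, answer, max_age=30, max_score=40, allow=(), deny=()):
    """Assumed order: AlwaysAllow, AlwaysDeny, then the lookup result.
    Assumption: block only when the listing is both recent and above the score."""
    if prefix_match(ip, allow):
        return False
    if prefix_match(ip, deny):
        return True
    info = decode(answer)
    if info is None or info["search_engine"]:
        return False
    return info["days"] < max_age and info["score"] > max_score

if __name__ == "__main__":
    # Constructed values: documentation IPs, a made-up key, hand-built answers.
    print(query_name("abcdefghijkl", "203.0.113.7"))
    for ip, ans in [("203.0.113.7", "127.3.60.4"), ("203.0.113.8", "127.90.60.2"),
                    ("203.0.113.9", None)]:
        print(ip, ans, decode(ans), should_block(ip, ans))
    # A prefix without a trailing dot is wider than it looks:
    print(should_block("198.51.200.9", None, deny=["198.51.2"]))
```

Ending allow/deny entries with a dot (for example "198.51.2.") keeps a prefix from also matching 198.51.20.x through 198.51.255.x.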