Mollom is letting through a good 75% of the spam and this is obvious spam bots. It wasn't working at all until I synced up server time via this issue and "self resolve"
It looks like spambots post in rapid succession 10-20 comments in a row and Mollom API in terms of time cannot pick them all up, something to do with timing.
As far as I got in a debug and if there are dynamic IP lists to just block spambots there might be a good idea, but I've already added 100 IP addresses to the firewall and if I add any more at the top level, I'm going to slow my site due to all of the IP tables.
This is so bad, it's hard to find the real comment in the moderation queue from the flood of spam. Thx.
I am using a custom AJAX commenting display but that doesn't seem to be involved since the spam mollom identifies vs. passes seems to be a timing issue and not a type of form submit one.