While there are many strategies for blocking, filtering, and reducing blog spam, many of them don't due much to reduce the CPU load incurred to handle all that spam. Even if you have strong MT spam filters, or close comments on your entries, spam may continue to cause increased CPU load, even if the spam is rejected or filtered.

As far as spammers are concerned, the automated ones don't care much (or even realize) that comments are closed on your entries. And they don't take the time to see if their attempts were junked or pubished. They will continue to submit comment spam and trackback spam. MT will refuse them, of course, but the entire MT application loads on every attempt -- the MT cgi scripts still incur load in process these, but likely not as much as a junked or successful comment submission. The main benefit to closing comments and using MT junk filters is to reduce / remove the clean-up effort, and to keep spam from be published on your blog. You end up with less published spam, but I am not sure how much CPU load is saved in these cases.

To address the CPU load of spam, you need to prevent/reduce spam hitting the MT cgi scripts. A temporary solution is to rename your comments and trackback scripts. Spammers will still try to hit the old URLs, but they will get 404 "not found" errors. This still incurs some load, but not as much as if MT had to handle those requests to reject or filter them. This solution is temporary because spammers will soon learn the new names of your scripts, and spam and load will increase thereafter.

A longer term solution is to attempt to block spam *before* it hits the MT scripts. mod_security is one way to do this. It is an Apache module that uses rule-based filters to block requests at an early stage. You still need a good ruleset, of course. In many, case you will need a dedicated server to use this, but some shared hosting providers support mod_sec to varying degrees. In recent days, spam attempt have increased on my server. Yesterday, mod_security blocked almost 4,000 spam attempts. Without mod_security, that would have been a lot for MT and my dedicated server to handle. My server would likely have crashed several times. But my blocking the spam before it gets to my MT scripts, I was able to weather the attack without a huge spike in CPU load.