A site I'm working is getting flooded by spam messages in their comments. I just updated the Blog module, I've updated Mollum to the latest, SpamProtection to the latest and is using SS 2.3.5 .

Spam is coming in nearly every 5-10 seconds. They are making direct POSTs to the comment function (which I thought the latest Blog update fixed). Here is a sample of the log:
217.23.12.204 - - [16/Feb/2010:14:28:26 -0500] "POST /p-nut-butter-lover-s-cookies/PageComments/PostCommentForm HTTP/1.1" 403 - "http://www.fullplatediet.org/p-nut-butter-lover-s-cookies/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"

Can I make Mollum always display and require the Captcha, or is there another fix I can implement quickly? Is it possible that SpamProtector is not working, and is there a way I can test it?

I think an easy way might be to add this to your Page_Controller init() method:

function init() {
	Session::set('mollom_captcha_requested', true);
	parent::init();
}

This is untested and I've never used mollom, but it seems like this should work.

I think you can do something like

MollomField::$alwaysShowCaptcha = true;

as well in your _config file to always show the captcha

Neither worked. I moved to ReCaptcha and that seems to be putting a stop to it. Dunno what the deal was/is with Mollom.