After getting INSANE ammounts of spam, I found a flaw. Pixelpost doesn't check for POST when it processes comments, only GET.

When I changed this, spam decreased A LOT.

where do I change this?

not really a solution - as soon as the default method in all PP install is changed to POST the bots will be rewritten with POST in mind.

Using GET is not a flaw in itself - just wrong usage

Just like sensuous wrote - there is no good solution made in such way. There must be other rules for fighting with SPAM. Ofcourse each non-standard solution is the best one because it must be genius programmer (who can easly write BOT for each case) or (more probably) they wont write new code for such experimental SPAM fix.

Well. All I added was a && ($_POST['submit']) to the comment-checking along with all the other stuff, and it helped alot.

I had even disabled the input-forms, and I still got spam. Cross-site spam? But as soon as I added a check for Submit, to check if the button actually is pressed, I got less spam.

But not the only solution, of course.

Well. All I added was a && ($_POST['submit']) to the comment-checking along with all the other stuff, and it helped alot.

I had even disabled the input-forms, and I still got spam. Cross-site spam? But as soon as I added a check for Submit, to check if the button actually is pressed, I got less spam.

But not the only solution, of course.
probably they are hitting your site with URL index.php?x=save_comment. check out this modificaition.
http://forum.pixelpost.org/showthread.php?t=4310&page=2