I’ve had an automated IP blocking system in place for a while now: SpamValve. I have some custom plugin code (plus a patch to Akismet so that it calls out to my tracking routines before it exits spam detection) that monitors for repeated abuse from the same IP address. When a client IP crosses a threshold, I automatically add firewall rules to block that client until their traffic ceases for a certain amount of time. Once that IP is quiet for a set period, I unblock it again.

Unfortunately, most people don’t have the kind of server access needed to put something like this in place. Modifying it to auto-manage .htaccess rules probably wouldn’t be too difficult, but blocking traffic at the firewall level is so much more efficient for the server, because you never even get the CPU hit from Apache having to examine the request.