In the end, I think it was just too easy. I searched over the internet on ways to prevent comment spam. Some of the ways I came across were:

1. Change the label of the link from "Comments" to something else. From what I understand, spambots look for specific words and go in and dump spam. The changed label should be inituitive enough to let human readers understand that it is the link to leave comments but hard enough for the bot not to understand.
2. Employ Turing test to defeat the bots. Turing test is used on many websites nowadays to distinguish man from machine. But the latest advances in technology can also defeat this approach with OCR technology embedded in it. So can a person determined enough to hire cheap labour to dump spam.
3. Do not allow unmoderated comments. Moderate the comments so that the comments do not appear on the website / weblog without your approval. I found a link to this article when I searched for ways to moderate comments. The technique described in the article applies to CoreBlog running on Plone or Zope, but can be extended to almost any software. In fact most of the weblogging sites give options to moderate comments.

In the end, I chose the third option. For the first two, I would have needed to hack and program and spend a lot of time and effort, which I don't have to spare. The third one was quite easy and I could do it within 15-20 minutes while reading the article itself. To moderate the comments in Coreblog2 running on Plone and / or Zope the workflow needs to be modified. Coreblog2 inherits the default workflow from Plone / Zope which allows unmoderated comments to be displayed on the website.

The details of the steps are given in the article so I won't repeat the same here.