Instead of using a blacklist of IP addresses (which amounts to playing a losing game of whack-a-mole), I could recommend one of two strategies to reduce spam bot:
Strategy 1: Honey Field
I use this personally for one of my own web forms, and it works very well. The idea is to create an anti-spam field in your form. If this field is filled in (it will be filled non-discriminating way by a bot), your system automatically marks the sending as spam.
You can hide the honeypot field from legitimate users by assigning it a null (or low) height in the browser with
hidden overflow. If a user has disabled the CSS code, you can assign a label to the field of the type "anti-spam – leave this field empty".
Strategy 2: Captcha
An alternative strategy is to use a captcha, so that only humans can submit your form. The most popular captcha solution is ReCaptcha, which can be easily integrated into a web form.