Oatmin I don't know if this is something that would help you, but if the spammers are using specific AS you can find the AS, look up what ranges they're using on Hurricane Electric's site like this
https://bgp.he.net/AS34989#_prefixesThen ban them from /post.php in Apache2 conf
<Location /post.php>
<RequireAll>
Require all granted
Require not ip 217.170.192.0/20
Require not ip 194.242.10.0/23
Require not ip 185.101.32.0/22
Require not ip 91.189.176.0/21
Require not ip 83.143.80.0/21
</RequireAll>
</Location>