Now seriously, no joke anymore.
The (technical) viable way I see without having a crew looking at the logs is some sort of IDS/IPS.
Ideally the IDS/IPS would blacklist the source IP by injecting drop rules in m0n0wall.
Pfsense has a snort-inline add-on doing exactly that.
I'm not aware of any snort + m0n0wall setup yet so maybe someone here can give you some useful
This message has been scanned for viruses and
dangerous content by MailGate, and is
believed to be clean.