Basic spammer protection w/ nginx?

Does anyone have any recommendations for some basic rules I can apply
to my nginx.conf file to prevent spambots and the like? I saw a post
with some Apache/PHP specific stuff but I’m not sure how to convert it
for Nginx/Rails:

RewriteEngine On
RewriteCond %{REQUEST_URI} .wp-comments-post.php*
RewriteCond %{HTTP_REFERER} ! [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

It seems a spammer is scraping the authenticity token from my site so
I need to find another way…

Thanks in advance,