Haven’t installed MT 2.5 yet, but I found something I’ll be installing at the same time: Brad Choate’s Sanitize Plugin.
Choate is one of the more prolific (and quality) MT plugin writers out there, and this new plugin helps you regulate what HTML will (or won’t) be included in your comments, strips out JSP, ASP, PHP and SSI markups, and closes tags that might have been inadvertently left unclosed. Not only does this keep sloppy commentators from turning the rest of your page into bold print, but it prevents a whole lotta possible security holes. Yeesh!
Triffic stuff, and something the Trotts ought to consider for part of their regular MT distribution.