Silently failing would look bad.
1. Rate limit based on the first byte of the IP address (79. or 81. in this case).
Definitely needed. What rate are you thinking of? Ultimately, it's better to rate limit it than to let it all drain out.
3. Rate limit based on last two domains of reverse DNS lookup of the IP address (rima-tde.net in this case).
That might work surprisingly well. If it works, it keeps them from hitting the rate limit, but the rate limit is there as the last line of defence.
4. Make the standard amount given away 0.5 Bitcoins (Bitcoins have gone up 10 times in value since I started the Faucet).
Definitely time to lower it.