I would like you to explain specifically and concretely why you need this, without using any broad abstract ideas like "bots" or "fraud".
For example: "We were receiving 1000 spam and 100 legitimate comments per day even though we used hCaptcha on the comment form. When we disabled HTTP 1.1 on the comment endpoint, the spam stopped entirely, and we still received 95 legitimate comments per day." (in this scenario, I don't think it's necessary to further elaborate what counts as a "spam comment" if it's the usual type. If it's not the usual type then you will have to elaborate it.)
Sorry, but you seem to be continuing to misunderstand how this works. Disabling a version of HTTP on its own is not going to stop spam. You seem to be confused about how something can be one factor out of many in a statistical model.
If you don't want to talk about basic concepts like bots or fraud, and don't understand how and why detection mechanisms for them exist, I suggest you do your own research. There are lots of explanations out there. An HN comment isn't a place where I can help you with that, sorry.
It sounds like you are advocating a policy to solve hypothetical problems or problems you have vaguely heard that somebody had once, not real-life problems where you are familiar with the tradeoffs.
For example: "We were receiving 1000 spam and 100 legitimate comments per day even though we used hCaptcha on the comment form. When we disabled HTTP 1.1 on the comment endpoint, the spam stopped entirely, and we still received 95 legitimate comments per day." (in this scenario, I don't think it's necessary to further elaborate what counts as a "spam comment" if it's the usual type. If it's not the usual type then you will have to elaborate it.)