Originally posted by Adam You're right- it seems like there are many spam bots going around at the moment
We do have an automated spam filter in place right now, but I may need to incoroporate a registration filter, or something similar, as well.
A system supplemental to the image verification may also be put in place to prevent spam.
I just looked again at the registration sequence and the CAPTCHA you are using is pretty weak. Was it included with the forum software? If so, the image algorithm may be well known and easier than most to crack. Having said that, even a good CAPTCHA can be cracked after a fairly short amount of time. For registration purposes, once is enough.
A few years ago, I wrote a CAPTCHA for the dot-com I was working for at the time. The intent was to prevent data harvesting from certain publicly exposed resources. For the most part, the effort was successful. Interestingly, after a few weeks we noticed a strange activity pattern where the CAPTCHA image resource was being requested outside the expected user path. Something was trying to find patterns to crack the CAPTCHA. This kind of thing would happen in bursts with most of the requests coming from a particular .edu domain. The hits would come at approximately 20 second intervals for about an hour or so and end with a successful return of the protected resource. I flatter myself in thinking that our gatekeeper may have been used as an assignment for an upper division AI computer class.
Have you considered requiring the CAPTCHA for posting as well?
Steve