34
I took one step that ghia mentioned and that may be helping. I have a two step registration process, the first being just the basics (user name, email, etc.) and the second containing additional information, including first and last name, which are required. I originally had Xoops set to save both steps, but now only save after the second step. I haven't received any spam registrations since doing that but I'll know more tomorrow. I'm sure "they" will soon figure a way around that too. I did do a test registration after making that change and it came through. Filling only the first form (step) did not.
Peekay, I have installed your hack for blocking direct access to register.php. Hopefully you can modify that.
Regarding the idea of not entering a registration unless a valid email address is entered, I don't think that will work. Some of these spammers do use valid email addresses. Once they register they may start filling your site with spam advertising or, worse, porn. So far none of the spam registrations on my site have followed up with confirmations. That may be because the email addresses are spoofed or that they are simply not monitoring the registration confirmation messages. Presumably there would be thousands of them. I do know that I don't get many bounce messages although I've had a few, suggesting that many of the email addresses are real.
barryC