I have a three step registration process on my site and the form includes a captcha and checks that the referral from step1 to step2 etc has come from within the site and that all form fields have been filled in correctly.
Without being any expert on spamming, that makes me hopeful that the registration spam that I get is at least human-generated rather than bot, but more than happy to be corrected if I’m being naive or over-confident about the security measures I 'd taken.
The bulk of the spam registrations are @guide3.netweb.de and gmail email addresses and wondered if anyone had any successful solutions for preventing spam registration based on email address or IP that wouldn’t make it a pain for the honest registrants.
Checking form fields that have been hidden by css for no input is useful - a couple fields named ‘email’ and ‘comments’ will generally attract attention of bots but won’t be seen by humans
some other things that could help a little in addition to what has been mentioned would be to use some Regular-Expressions to check for patterns of spam and maybe display the person’s IP and user agent next to the form to discourage them. the real spam doesn’t even require the use of forms so be thankful you’re not there yet lol.