Alright, this new type of spam is driving me insane. It's always a similar format - mostly Indian "Love Potion" or Chinese - from seemingly random IP addresses. I've repeatedly banned certain IP ranges. No doubt its a bot, but there's at least some human involvement too.

Things I have installed:

Spam-O-Matic (registered with stopforumspam)
Bad Behavior
Latest re-Captcha (new users use it with every post)
The site is behind (paid) Cloudflare
vB v4.2.3


Any ideas on how to stop this for good?

Try using the Question And Answer option on registrations.

Ask several questions that only legitimate humans knowledgeable about your specific forum topic can answer and do not ask "yes" or "no" questions or anything that is a 50/50 answer like "true" or "false."

Spam-O-Matic is incredibly outdated and doesn't actually stop spam any longer so far as I can tell. Do you have the Stop Forum Spam set up to check IP addresses and e-mail addresses? You could set it to check user names but that gives false positives.

Try using the Question And Answer option on registrations.

Ask several questions that only legitimate humans knowledgeable about your specific forum topic can answer and do not ask "yes" or "no" questions or anything that is a 50/50 answer like "true" or "false."

Spam-O-Matic is incredibly outdated and doesn't actually stop spam any longer so far as I can tell. Do you have the Stop Forum Spam set up to check IP addresses and e-mail addresses? You could set it to check user names but that gives false positives.

Thanks for the feedback!

I do have Stop Forum Spam connected, but I think one of the issues is that vb4 does not handle ipv6 addresses correctly, so anyone using ipv6 isn't checked at all.

Thanks for the feedback!

I do have Stop Forum Spam connected, but I think one of the issues is that vb4 does not handle ipv6 addresses correctly, so anyone using ipv6 isn't checked at all.

Correct.

http://tracker.vbulletin.com/browse/VBV-3824

Do these new accounts (bots) have anything in common i.e. do they consistently enter in silly info into otherwise legitimate profile fields? i.e. do they happen to enter in "Man" or "Woman" in the biography field where anyone with common sense would know it should be a brief description of themself? If so see my info in this article (https://vborg.vbsupport.ru/showthread.php?t=276547) to see if it can help you develop a custom solution ;).

Do these new accounts (bots) have anything in common i.e. do they consistently enter in silly info into otherwise legitimate profile fields? i.e. do they happen to enter in "Man" or "Woman" in the biography field where anyone with common sense would know it should be a brief description of themself? If so see my info in this article (https://vborg.vbsupport.ru/showthread.php?t=276547) to see if it can help you develop a custom solution ;).Multiple dots used in the email addresses, etc. In fact there used to be a Mod for that one if I recall correctly.

Multiple dots used in the email addresses, etc. In fact there used to be a Mod for that one if I recall correctly.

I don't recall that mod but if you stumble across it again let us know, sounds promising but I'm worried someone legitimate like john.doe@gmail.com might be flagged? I personally do not know of nor have ever dealt with a client who had an extra dot in their email but that does not mean some don't do it either.

I don't recall that mod but if you stumble across it again let us know, sounds promising but I'm worried someone legitimate like john.doe@gmail.com might be flagged? I personally do not know of nor have ever dealt with a client who had an extra dot in their email but that does not mean some don't do it either.No, the example you just gave would not be flagged. The settings started with 2 dots on either/or side of the ampersand, and could be set to 2,3,4 or however you wanted it. So that stuff like this:

john.j.doe.de@gmail.com

Wouldn't pass muster if your limit was set at 2..