Understood. So are better alternatives not available for this forum software or not feasible?
I am still pretty new to this forum, but had read this thread a while back, when I first joined,Since then I have only seen 2 or 3 spam posts, which I reported, and they were gone the next time I logged in, so really, I think what they have is working pretty good.
I also am a moderator at "stopforumspam" (SFS),
I understand your concerns, but as you've discovered there are reasonably easy ways around it for those that few that are adversely affected.
When some one is genuinely innocent, and not a spammer or associated with using malware that runs various types of spam bots , they can and do get removed from the data base we use.
Then there is a bunch of "not sure what to call them", but they insist they are not "spammers", but "marketing engineers", these are the most difficult to deal with, in my opinion, they are "spammers", nothing more, but they are the ones that get angry and offended anytime they encounter a secure site or forum, and find they can not register, and they always insist that they are innocent.
The whole thing on spamcontrol and site security can get rather complex, but in the long run it is worth it, there does not seem to be any 100% guaranteed way to avoid occasionally someone that is innocent, falls "victim" of the spammers and spam bots, but the 1,000,000s or more that are real BOTS ,spammers,and other forms of mal-ware, or nuisances that are blocked, make it worth it.
If one does the research, there are many ways to help insure you don't end up on a "black list", too.
Ok well I am almost kind of "rambling", I mostly just wanted to mention, there is a rather new "captcha" method available, called "FUN CAPTCHA",
https://www.funcaptcha.com/
I use it on 3 forums and my website, we also started using it at SFS for the search options, we had a whole bunch of trouble with a DOS attack, spambots trying to over load the search, used to check the database, anyway, it works really well, I have been using it for about 6 months, and not one single spam bot has registered. A human can easily solve the captcha, and if they turn out to be a spammer, and actually post some kind of spam, well , they end up getting deleted, and also added to the data base at SFS, so then they are "caught", and any other site/forums using the SFS data base, has them blocked. So far I have never had any that tried to get removed, but, I also do submit the "evidence", copy of the spam post, just in case they try to claim they did not post spam,..
For additional security, I use a php script, "ZBBLOCK",
http://www.spambotsecurity.com/
Not only does it keep the spammers out, it also keeps out a lot of known malicious bots, scrapers,hackers,etc. (not to say all "hackers" are bad, but there is a bunch that spend all their time looking for sites they can hack and vandalize), delinquents I guess one would say.
When I was testing the new "funcaptcha", I disabled ZBBLOCK, because nothing gets past ZBBLOCK, they never even get to the registration page, so I disabled it, but still, not one spambot registered, my logs showed that several 100 tried , per day for about a week, but none successfully solved the captcha.
This is not to say, I think there is anything wrong with system Debian Users Forum is using now, the contrary, it seems like what they are using works fine, but the "Fun Captcha" might help make it a little easier for people to register, and combined with zbblock, the moderators might have less work to do.
Guess for now that is about it,..