After several weeks of no spam attacks, the forum is under attack again, and it appears the offender is using credentials gained through the forum software to launch his spam attacks.

We've identified four different users that registered during a flood of user registrations before we locked registration down. There are very likely more than four users that are a problem. None of these users have posted on the board or sent private messages. To eliminate this problem, I am going to "prune" the database and remove all users who have not made posts or sent private messages, leaving only "active" users. This will mean that anyone who signed up with a legitimate account and hasn't commented on anything yet will have their accounts eliminated.