Although the site security can prevent automated bots from creating a member profile and posting spam, it can't prevent a real person from creating one manually. Spam posts are as far as any spammer is likely to get as they can't get access to anything behind the scenes from simply having a member account. If they wanted to hack the forum (which is a completely different ballgame to simply spam posting) then they would have to use a completely different method to do so.
As soon as a mod is made aware of spam we jump on it and ban the account; however, we aren't able to spot all spam, so, as has been said, if you spot anything, drop one or all of us a PM. That way we get an email alert and know that something needs our attention.
This will always be a problem and the spammers will find a way no matter what is done, as there is no way to tell the difference between a spammer and a genuine person when they open the account. The best we can do is jump on them in the shortest time possible.
Rob