Without wishing to give awway the secret, Lennart did something during the upgrade which reduces the way the site "broadcasts" itself to spambots.
Before this, we were averaging a handful of new accounts per day. Steve in particular had done a fantastic job of banning users before they managed their first post, but sometimes they got there before we did.
For sure, it was starting to get very time consuming - and it is sometimes hard to tell just from an email address whether it was a potential spammer or not. My rule of thiumb was any email ending in .ru was probably dodgy (along with a load of others), as were user names like ILikeToSpam. 90% of the time you also find that people sign up when they have something to say, so a new account with zero posts always deserves a second look. I managed to block one existing member through over-enthusiasm with the wild card (e.g. *@*.ru is rather a wide ban!!), but Steve soon found my error and fixed it.
I'm pleased we haven't had to resort to the final authorisation method, which involves us actively allowing each account. This would also have been time consuming and a potential deterrent to new members.
