I closed it because exploits should not be discussed in the forum. Please, email the issue at security@wordpress.org
I hate to break the bad news but spammers already know about it. The problem is no one here seems to care.
Others have also reported this:
http://wordpress.stackexchange.com/questions/113255/spammers-are-bypassing-buddypress-registration-form
Spammers will find any way to get into a site, nothing new there. If you know exactly how registrations are getting through then email it in.
Why bother?
I just outlined it and was told I didn’t know what I was talking about and had the post locked.
Unless you are part of your little clique here no one seems to care what you say.
We have had 8 techs dig deep into this over 3 days. We fixed it. I guess I no longer care if the rest of you do.
@dennish
Its been a few weeks and was wondering if deleting the bbpress issues in the buddypress folder is still the fix for the spambot issue you were having. Thanks!