A heads up on this - we will be updating Dfans at some point in the somewhat near futuer to the system curse uses on other sites. With this update will come our self made spam detection sytem - should help big time then
Regarding CAPTCHA, it's not as straightforward as it seems. For example, there are programs that help you download stuff from file sharing websites, and they come with built-in captcha circumvention. They work pretty well, to say the least.
On a side note, captchas are not just a bot prevention, but they are a tool to OCR books. Read more about it on Google's reCAPTCHA website. And I'd like to mention the name Louis van Ahn, the father of crowdsourcing and the guy who came up with this brilliant idea in the first place (and many others, like the ESP game). Whenever you see one of these reCAPTCHAs, what happens behind the scenes is that one of the words is known (i.e., the traditional captcha check), but the other is "unknown" and one of the OCR fails from Google Books, and you are helping them to get the OCR right. Of course you don't know which one is the captcha check and which one is the OCR task, but the important thing to consider for bots/captcha script writers is this: the captcha check is probably a word that was successfully OCR'ed by the system before; the word that created troubles for Google's OCR is the word you don't need to get right. Therefore, a captcha image recognizer might only have 50% success rate on the captcha from our point of view, but for the purpose of passing the test it's significantly higher (and given enough iterations, you can get close to 100% I guess).
TL;DR: Captchas are not great as a bot prevention (anymore).
So, what helps?
What we did on several other forums I'm a member of is to add a question specific to users signing up on that site. For example, on a soccer forum we ask a question that every soccer fan should know, but bots don't (i.e., Google and see if the result is on the first page). Of course it shouldn't be too complicated, you don't want to keep potential members out. It's also not completely fail-safe, but we've made good experiences. To be honest, the simple question "what's the greatest club in the world" on a fan site of that club kept all bots out, whereas traditional captchas didn't... and fans can sign up without a problem. Plus, the question "what's the best ARPG in the world currently" might keep all the PoE trolls out of DFans as well ;-)
But the problem DFans is dealing with, in my opinion, is of another dimension: DFans is so huge and a successful advertisement from a bot here is so valuable that bots (or their owners) will solve the captcha (or answer any question) personally and then just let the bot pots its 10 spam topics. You have literally zero protection against this, unless you enforce rules like "no URLs before your 10th post", but as we've seen, this is even more annoying for new users.
In my personal opinion, what would help is if the first post of every member would have to be reviewed and unlocked by a mod. However, this would require 1) at least one mod online all the time, thus 24/7 mod coverage (and 80% of the mods on DFans are inactive), and 2) changes to the forum software.
Yeah, it's annoying as hell, and as you can see it's not the first time I have thought about this issue...