Logic forms to follow that it was inevitable that we've received the first real complaints of spam sent via Private Message. Accordingly, the "glad225" account (which was established today and instantly started sending spam PM's) was deleted and all the PM's they ever sent were removed from the system.
Personally speaking, I am rather frustrated over this new development, because unlike some other CMS systems, Xoops 2.x has yet to put in the anti-bot verifications to keep this type thing from happening.
We will be watching new registrations carefully, and will not hesitate to remove bogus accounts (and ban their IP) in the future. Should this problem accelerate, we have very few options left to us other than to move to another, more secure content management system, or to hire a developer to add protections to the current system. Neither of which are really feasible right now....
Suggestions, or nuclear weapons, would be appreciated.
Wayne