Its a bit of a battle, I don't think there is any way you can total keep the bots from registering but there are a few things that can be done. If you are using a common forum script you might be able to change the form field names within the html. This can sometimes reduce the numbers because the people who run the bots aren't going to change something simply for one site. The bots are built to go after a common trail. If you can deviate from this trail you're doing well.

Captchas are another useful tool. They do frustrate some users, especially the ones that are hard to read, but again they do work well for putting off non human registrations.

The most effective method I have found is to require email validation when a user signs up.

Mack.

I have an email validation on my forum, but bots still able somehow to bypass it. Almost all of them don't post anything, just appear in list of members. I tried to register myself and I found out that UNLESS you click the link in the mail that system sends, you don't appear as a member, only where it says "awaiting moderation". I use SMF 1.1.11, BTW...
I do have a built-in captcha module and I have it on medium level of complexity. Though it seems too simple, so I might as well go to difficult level.
Speaking of captchas...I know that there's a special module with that name and it looks somewhat special. So when you were talking about "captcha", did you mean just ANY type of module that does the same thing or that particular type?
I don't know if there's a way to change a type of captch module in SMF...?

Captcha is a generic term for any process that requires a manual response to verify that data entry is by a person and not a machine.

If the bots are automatically validating then it suggests that you are using some popular off the shelf software which has had both the captcha and its acknowledgement email format cracked.

Can you customise the registration in some way so that it isn't identical to every other site that uses the same software?
Can you substitute a third party or bespoke captcha for the one provided?
Can you customise the verification so that there is a non standard action such as an additional captcha?

As I wrote before, I use SMF 1.1.11 which you could call a generic software out of a shelf (and also free-GPL).
I'm not a programmer, so I can't change the registration fields.
As per adding another captcha or using a different captcha module...I don't know...I have to find out.
For now, I just made it to the hardest level of the existing generic captcha that comes with a forum software.
I definately made it harder for humans to guess, but I will see whether it helps at all to prevent bots from registering (my guess is that it won't).

I made it to a high (most difficult) level for an existing captch on SMF and it seems to be working...
Though, its kind of a pain to register (sometimes you have to reload the image or re-type it), but I think that if someone really wants to register, its not a problem.

Are there so many real applicants that you can't register them yourself after they have sent an email?

It is a problem if the registration process is difficult. One way to make it easier is to put a human challenge, like asking them to do a simple addition problem. This kind of challenge is effective against bots and is less hassle than a captcha. If you want to make it easier to register you can also skip the requirement for them to confirm their membership.

Good luck.
;)

I am using smf and I also had the problem that bots are bypassing the the capcha thing. In my opinion the human action is the best as it was mentioned before. The most common is to identify what is shown on the picture and click on the right one. So there is a picture of a car and A is car you click on it etc..the rest you know. What I use now is that not only the activation link is needed but at registration the register cannot choose apassword. A 6 random character will be sent to the applicant by email with the validation link and when he or she enters it offers the applicant to change it therefore you have to recognize what that code is....I hope this helped...