Open user registration is something else - you're effectively allowing
someone to create a new identity there. (I don't think "CAPTCHA" is the
way forward here either). I think that's the root cause, here.
I don't think CAPTCHAs will really solve the problem, which so far is
not botnets but poorly-behaved humans.
Some sort of reputation system (XMPP.net federation?) would probably be
handy here so that people coming from previously unheard of domains or
blacklisted ones cannot add new rooms.
Richard
