Account Activation is set to "By Admin". I had a user create fake accounts to test new custom profile fields I added as spam prevention. With the first attempt he messed up the captcha and got an error, but I still got an activation email. I got a duplicate one when he completed registration. The second attempt he messed up his password, and the same thing happened. I got one activation email, and then another 1 minute later when he fixed everything and hit submit again. The third attempt I told him to purposely choose a wrong answer for a custom profile field and then leave the screen with the error message on it. I got the activation email and went to the ACP to check it out: the account had been created as a "Newly registered account" even though he was still looking at an incomplete registration screen.

This would explain why I frequently get duplicate activation emails for spammers (and this was happening before I added new fields): they are failing something the first time around, and perhaps both times. There is no way for me to know that they actually failed registration or not.

As my goal is to not get lots of activation emails from spammers, this bug is very irritating. The email should not be sent and the account added to the database until they succeed in filling out the registration form.

If this was fixed in the newer version, awesome!