A mandatory custom profile field has been defined (custom_profile_field1.png), with a default value that is equal to the non entered value (custom_profile_field2.png). Users should therefore not be able to register without selecting a non-default value for this. This is indeed the case when registering through the phpBB registration screen. However, users (spammers) are able to register with the default value set - i.e. spammers are somehow submitting their own form to register, and it is bypassing the custom profile field validation.