[Mediawiki-l] Spam account creation, circumventing recaptcha

Sol Invictus solinvic at gmail.com
Mon Mar 7 16:27:12 UTC 2011


Greetings,

As of a few months ago, I've been getting spam pages generated on my
wiki. I upgraded to the latest mediawiki release and I added recaptcha
to login and anonymous edit, but spam accounts and pages are still
being created. I added debug output to the recaptcha extension to show
me when it accepts or denies input, but it seems it isn't even getting
called when the spam accounts are being created. Is there a known
security hole with recaptcha and the latest mediawiki version? A log
example is below (with a couple modifications for privacy).

Thanks,
Sol

POST /wiki/index.php?title=Special:UserLogin&action=submitlogin&type=signup
HTTP HEADERS:
ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
ACCEPT_ENCODING: gzip
CONNECTION: keep-alive
COOKIE: wikidb_algowiki__session=c6622d43e60d6161f4d071925be118db
COOKIE2: $Version="1"
HOST: algowiki.net
REFERER: http://algowiki.net/wiki/index.php?title=Special:UserLogin&type=signup
USER_AGENT: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10
[...]
DatabaseBase::query: Writes done: INSERT  INTO `algowiki_user`
(user_id,user_name,user_password,user_newpassword,user_newpass_time,user_email,user_email_authenticated,user_real_name,user_options,user_token,user_registration,user_editcount)
VALUES (NULL,'MaryannCarney','','','20110307115456','',NULL,'','','09f0f00ac09383bde1de0721eeaf2cd4','20110307115456','0')
Loading options for user 197 from database.
setcookie: "wikidb_algowiki_UserID", "197", "1302090896", "/", "", "", "1"
setcookie: "wikidb_algowiki_UserName", "MaryannCarney", "1302090896",
"/", "", "", "1"
setcookie: "wikidb_algowiki_Token", "", "1299412496", "/", "", "", "1"
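
Added example (not part of the original message, and not MediaWiki or reCAPTCHA extension code): one way to automate the check described above, by splitting a debug log into requests and listing every account INSERT whose request carries no captcha debug line. The marker string CAPTCHA-DEBUG: is an assumption standing in for the poster's own debug output, which the message does not show; the sample log and the user names in it are constructed.

```python
import re

# A request starts with its method and URL, as in the excerpt above.
REQUEST_RE = re.compile(r"^(?:GET|POST) \S+", re.M)
# Account row written to the user table; the table prefix varies per wiki and
# the statement may be wrapped over several lines, hence re.S.
INSERT_RE = re.compile(
    r"INSERT\s+INTO\s+`\w*user`\s*\(user_id,.*?VALUES\s*\(NULL,'([^']*)'", re.S)
# Assumption: placeholder for whatever the captcha debug output writes.
CAPTCHA_MARKER = "CAPTCHA-DEBUG:"

def split_requests(log_text):
    """Yield (request_line, block_text) for each request in the log."""
    starts = [m.start() for m in REQUEST_RE.finditer(log_text)]
    for i, start in enumerate(starts):
        end = starts[i + 1] if i + 1 < len(starts) else len(log_text)
        block = log_text[start:end]
        yield block.splitlines()[0], block

def accounts_without_captcha(log_text, marker=CAPTCHA_MARKER):
    """Return [(request_line, user_name)] for accounts created in a request
    whose log block never mentions the captcha marker."""
    findings = []
    for request_line, block in split_requests(log_text):
        if marker in block:
            continue  # captcha code ran for this request
        for name in INSERT_RE.findall(block):
            findings.append((request_line, name))
    return findings

# Constructed sample: one signup that passed through the captcha, one page
# view, and one signup where the captcha code was never reached.
SAMPLE_LOG = """\
POST /wiki/index.php?title=Special:UserLogin&action=submitlogin&type=signup
CAPTCHA-DEBUG: accepted
DatabaseBase::query: Writes done: INSERT  INTO `wiki_user`
(user_id,user_name,user_password) VALUES (NULL,'ExampleHuman','')
GET /wiki/index.php?title=Main_Page
POST /wiki/index.php?title=Special:UserLogin&action=submitlogin&type=signup
DatabaseBase::query: Writes done: INSERT  INTO `wiki_user`
(user_id,user_name,user_password)
VALUES (NULL,'ExampleBot','')
"""

if __name__ == "__main__":
    for request_line, name in accounts_without_captcha(SAMPLE_LOG):
        print(f"no captcha line for account {name!r}: {request_line}")
```

The request lines it reports show which entry point created the account, which can then be compared with the places where the captcha is hooked in.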


