I quickly went through the userlist and saw a bunch of spam-accounts. Surprisingly, most are not from China but still using the same pattern (username and email-construction). Here, a big part seems to come from OVH hosting, which is a french hosting company.
After reviewing the situation, I’d recommend the following:
Change registration activation to “user & admin (Advanced Double Activation Pack)”. That means, admins need to approve new user registrations. In the long run, that is probably going to be less work than having to approve the first 3 posts of every new user (and delete them and the user if it’s spam). If a spammer registers, the admin just doesn’t approve it. No action required. Using autoprune to remove inactive accounts which are older than x days, the database size will stay acceptable.
Comparing spammer vs. legit registrations, the workload is likely to much much less than it’s now.
Then, I’d strongly recommend installing a blacklist client mod. My favorite is this one - Advanced Block MOD.
It works pretty much like anti-spam blacklists for email. There are free and open blacklist servers against which IPs and email-addresses can be checked if they are known spam sources. The system is fully automatic and the performance impact is minimal as only at the registration a check is done.