My experience has been it has to be caught (as much as possible) at the point of registration. Otherwise it never ends. Blacklisting words is seldom effective for more than a month or two. The spammers just start spamming different products once they get bounced out.
Requiring a verifiable email confirmation and a "secret question" during registration helped with a site I used to work with. They used to get carpet-bombed with garbage on a daily basis. You needed to respond to the email to confirm your registration. The email had directions, but not a clickable link to the confirmation page since automated registration bots are on to this step. You had to login once and answer the secret question to confirm your registration. After that, the first time you went to post, you were asked for your answer to your secret question one last time.
This got 99.9% of the potential spammers. But not all. A few still got through from time to time. No rest for the wicked, that's for sure.
It possibly also turned off a (very) few genuine would-be registrants. But our take was that if anybody was that
touchy about the site attempting to keep spam out of everybody's face, then maybe ours wasn't the site for them to begin with.
It's a tough call. Because the last people you want to unintentionally turn away are the people that have little patience with registration nonsense. Very often, they're the most interesting contributors to the dialog once they get on board.