Some people I do not want to name complain loudly about spamming on moodle sites which is caused by various configuration issues:

1/ lang/en_utf8/admin.php
$string['configforceloginforprofiles'] = 'Enable this setting to force people to login as a real (non-guest) account before being allowed to see the user profile pages. By default this is enabled (\"true\")';

this should explain the dangers of user profile spam

2/ $string['selfregistration_help'] = 'Choose which auth plugin will handle user self-registration.';

this should explain possibility that spammers might create accounts and spam in forums/blogs, etc.