A user should not be able to easily discover other user's email addresses that have registered

The new user script will quickly respond with has already been taken when entering an email address that is already registered.

Similar to the "reset password" functionality, which says "if your account is in our system...", this form should probably not expose this information, and rather do something like sending a password reset email.

Additionally, though a little less intuitive: entering an account that does not already exist immediately grants access to the application, and the ability to join groups (but not yet post). Reaching this point for a user that does exist clearly cannot be allowed - therefore, this difference again would make discovery of a user registered email on the system possible.