From a pure usability and UX standpoint, the best policy would be to assume that people DO want images, perhaps clickable thumbnails that show the full image in a lightbox.

On the other hand, this is a privately owned website, and the owners are free to do as they please.

As for dealing with security issues (cookie stuffing and CSRF), simply host all images locally and have stringent checks to validate them as clean image files.  That's a no-brainer for me.

EDIT:  IMO, sig images are a distraction to useful discussion, but embedded images in posts can be very helpful to discussion.