They collect it yeah, and so do we without them signing anything etc. That isn't the issue. The issue is that if a user actually comes and asks you to delete a piece of data of theirs that you hold, I believe you have to under data protection.
"An IP address in isolation is not personal data under the Data Protection Act, according to the Information Commissioner. But an IP address can become personal data when combined with other information or when used to build a profile of an individual, even if that individual's name is unknown."
As well as IPs XenForo stores email addresses and usernames, which build up a profile. This qualifies the IP as personal data under the Data Protection Act 1998, as ruled in case law.
Because we have the ability to do so, we must remove personal data on request under the data protection act.
I'm guessing that the user wants the IP addresses deleted because they believe them to be personal data.
An IP address isn't necessarily personal data as several people can be accessing the Internet from one or multiple devices from the same IP address. Also the IP addresses are used for legitimate purposes, not for targeting adverts etc at users. Also IP addresses are only retained for a period of time set in the ACP (I think).
You have probably read these but if not, they have some useful information in them.
So presumably setting it to 1 day would comply with this law for that user, but not ideal if you want to use other stored IP addresses for the reasons you mention. It can be useful for the reasons you mention, identifying spammers, banned users rejoining etc.
A per user or user group setting would be more useful.