After just cleaning up yet another gmail spammer (I so love the Spammer Hammer™ MOD, is one of my favorites ) tonight I found myself wondering: Is it worth setting up an extra activation step for gmail.com accounts?

I have mentioned more than once my frustration with the amount of spam / spam attempts coming from gmail.com email addresses. It’s clear that I can’t ban them (even if I wanted to) because of the number of legitimate users. But what if I made them go through an extra step? Would it help?

I did not spend much time thinking through this yet. That means there are likely to be holes or room for improvement. But suppose the registration process flow chart went something like this:

The “new steps” could be anything. I’m not convinced that it’s worth the effort. Most of the spammers that get through lately are clearly humans rather than bots. Anything a normal human can pass, a spammer human can also pass. The Checkbox Challenge has remained relatively effective against bots.

Oh well. It’s probably a dumb idea.