Skip to main content

Google Captchas during account registration

Why does mailbox.org use a Google CAPTCHA in the account registration form?

We recently detected activities on our servers where bot nets were used to create hundreds of thousands of e-mail accounts for the sending of spam e-mail. Although we take this as a compliment – somebody out there must be convinced our infrastructure is up for the job – we needed to find a solution to stop this abuse of our service, of course. We subsequently deployed a number of different CAPTCHA systems to help our servers identify bots during registration. However, spammers were able to circumvent all these solutions shortly after they were put in place.

The development of a dedicated and individual mailbox.org CAPTCHA solution is on our agenda. We are analysing any misuse of our systems very thoroughly. This knowledge will substantially inform our software design and hopefully result in a robust and reliable CAPTCHA solution of our own. However, our software engineers are currently very busy with the development of mailbox.org core features, as well as extensions to our existing line of products and services.

We therefore decided to use Google’s CAPTCHA for the time being, because out of the set of solutions we tried thus far, this one seems to work best (Credit where credit is due). Of course, we want to change this practice over the longer term – yet currently, we think our developer resources are better spent on creating new features for our customers. After the first quarter of 2016, we will consider picking up again our development in this area.

Note: The Google CAPTCHA is not used for log-ins. It will only appear once, during account registration.