No.
With my IP limiting suggestion, for meaningful attack of significant volume,
the proxy has to be on the client side, unless a spammer has millions of IP
addresses to use for web servers.
Using a pretty simple PHP script, the CAPTCHA can be embedded into a new
image which is then delivered to the client, no matter if you use HTTP or
HTTPS; the final request from the client has nothing to do with the
original request to the CAPTCHA image.
Andreas
Shelby Moore
http://AccuSpam.com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg