diff -up captcha/captcha.module.block captcha/captcha.module
--- captcha/captcha.module.block	2012-01-02 04:27:21.000000000 -0700
+++ captcha/captcha.module	2013-01-30 10:57:02.236300949 -0700
@@ -626,6 +626,26 @@ function captcha_validate($element, &$fo
           ),
           WATCHDOG_NOTICE);
       }
+      // Retrieve the number of attempts and ip address for this session
+      $attempts_and_ip = db_query(
+        'SELECT attempts,ip_address FROM {captcha_sessions} WHERE csid = :csid',
+        array(':csid' => $csid)
+        )
+        ->fetchAssoc();
+      // TODO - Make this configurable
+      $max_attempts=3;
+      // Ban IP if it has enter the Wrong Captcha for $max_attempts Times
+      if ($attempts_and_ip['attempts']>=$max_attempts) {
+        db_insert('blocked_ips')
+          ->fields(array('ip' => $attempts_and_ip['ip_address']))
+          ->execute();
+        // log to watchdog
+        watchdog('CAPTCHA',
+          t('IP Adress %ip_address has been Blocked by CAPTCHA. Because of exceeding the Max Wrong Captcha Input of %maxattempts times'),
+          array('%ip_address'=>$attempts_and_ip['ip_address'],
+            '%maxattempts'=>$max_attempts));
+        form_set_error('captcha_response', t('Yout IP has been Blocked. Please dont SPAM!'));
+      }
     }
   }
 }