SPAMMERS AND TROLL USERS "PASSWORD REQUEST"

sorry for my mistakes, i dont speak much english xD

recently I'm learning php and I have chosen as a case study elgg platform, i dont develop much, although I can think of many ideas (does not matter)

I want to ask (I think this would help many users that use elgg) for example I'm using a plugin called "Request account info" developed by cash!

Lately I have seen good progress on elgg to counter attacks from automated bots, but there is a most difficult target "the human spammers"

many times it angers other registered users, I have seen modules created for banner users, suspended for a definite time, appoint editors to moderate ... whatever is missing something very important, I believe no one even had inadvertently said about

is that by making a request for password, no limit on users, for example, someone might abuse the resources sent by mail or just annoy another user to send unlimited fake password requests, just knowing the user name ...

This charge your smtp server, and uses needlessly sending email.

Anyone can develop a solution for this?

as I said I have the idea ... it may limit the number of lost password requests to 3 requests by day at most for each username or registered mail, if you exceed the limit that action is blocked for that user for 24 hours

or something like that,  yahoo, google, facebook or twitter

I will try to do it but have not had time lately ....