I finally snapped this afternoon. Several months ago I switched to a form based contact method on my website after I was receiving a deluge of Spam through my email address. I then had the form pass on the messages to a new email address and my Spam problems blissfully disappeared. That is, until some enterprising Spam pedlar or pedlars decided to either map my form to an automated system or employ some very cheap labour to submit the hell out of my contact form.

I decided to implement a text based CAPTCHA system. Now most CAPTCHA systems employ the distorted letters image based approach. I suspect those are much harder to defeat but are also much more of a pain for legitimate visitors trying to send a message. I like to employ the lesser used question based method.

What colour is the green monster?

This simple question should be easy enough for a five year old to answer but  changes to a random question each time the form is rendered. It's possible for me to increase the difficulty of the question or change to less predictable questions if the pattern becomes too simplistic or mappable. It has the advantage of accessibility since it doesn't require the visitor to view images or hear sounds. It's also much easier to implement

I simply create a set of questions and answers with a numerical key. The questions are then selected at random when the form is generated and the numerical key is passed along with the form for validation. Before sending the email, the code checks to make sure the associated value matches the correct answer. If not, the visitor is told the answer was incorrect and is presented another random question to try again.

I think the system may actually be more effective than image based techniques as it's not a mindless copying procedure but rather a slightly more taxing logic problem. Time will tell I supposed. If I start getting Spam again I'll change up the question type or make the question slightly harder.

Now to implement this for comments.