I searched this forum recently for a solution to my growing form spam but couldn’t find anything suitable. However, I’ve now found a simple way which seems to have stopped it and doesn’t use the full captcha technique.
It uses some JavaScript from dynamic drive to make sure the form boxes are not left empty. All you have to do then is rename the email box to something stupid. The spam spiders must search until they find a box called email or something similar.
I’ve also changed the submit button name just in case.
I still need to add some sensible titles for people who use screen readers but this seems to work with both cgi and asp form mailers.
If you'd like an example then there’s one here www.straight2web.net/D6.htm

Although it's not really my area, I would also suggest something else I've heard of: along with the steps that you have taken, create some hidden form fields with believable names ('confirm_email', for example). Some bots may attempt to put *something* in all form fields, so if when processing the form you see something in that hidden field, you know it wasn't entered by a human...

If you want to use captcha on a PHP enabled server, this thread may be helpful: http://www.webdeveloper.com/forum/sh...d.php?p=679150