Today I added Captcha(also called image verification) to my contact form because I'm getting spam this way now. I cleaned up the comment and trackback spam and the spammers have found another way to irritate me. As you can see, the image is not easy to read, and it can be difficult or impossible for disabled or blind people to see them and therefore use the forms. The image can be regenerated to get something easier to read.
The form mail script I use has just been upgraded for better security, and while it was tricky to implement, it's now working properly. Whether it helps or not only time will tell.
The simplest way for a spammer to overcome a CAPTCHA scheme is to encourage (or pay) people to view the images and type the correct values. With sufficient people doing this, a spammer can automate the process and use the forms as a spam gateway.
Computer programs are also getting smarter. It may be possible, soon, for a program to defeat the image scheme I've implemented. The worrying part is that I won't know until I detect it in my log files (or some unhappy person tells me I'm a spam gateway)!
UPDATE: This didn't solve the spam problem. However, I have changed the script I'm using and have added code that will authenticate the domain part of the email address. The form seems to be working properly to exclude bogus email addresses. Read how I did it.
This Captcha code isn't stopping the problem of contact form spam, which tells me it is real people sending the form. The email address and names of the people are random letters, like sdasdf. Annoying to say the least. The form is filled with links to porn, medication, etc. I'm ready to close down the contact form.