I've been learning and experimenting with NodeJS, and the project I'm using is to port a homemade content management system (CMS) written using the Linux/Apache/MySQL/PHP combination. One of the areas I am trying to update is protecting against spam on a contact form. The NodeJS version is based upon Linux/Mongo/Nginx/Javascript (why Mongo? because I wanted to learn how to work with it!)
I have a server side check that helps to reduce spam by assigning a unique ID to each form downloaded and having that ID entered into the database along with a pointer to the form handler. Each form ID can only be used once, and if a form requires such an ID and no ID is present - then no form handler is called for. (This also helps to secure access to the system through other forms such as administrative functions.)
I understand there are more checks I could use server side and would love to hear about those, but I also want to focus right now on the client side. Do folks have any suggestions for captcha-less forms that are resistant to spamming?
