Holy hell, I have tried all the usual solutions in stopping this, short of using captcha. I have a hidden field, email validation, and even a "human only" question upon submission. I'm out of ideas, the thing is clearly circumventing my safeguards. The only thing I can think of is that all the safeguards are in JS. Thoughts?
I guess you are trying to stop spam bots from Emailn you.
Are you SURE the spam from your FORM and not by your Email addr. in some other places in your web site?
Have you tried the random number images system?
You probably already knew that. The problem with it being client side is that you have no contol over it. Code in some server side validation and it should help. I use ereg to detect href or bbcode url tags. You could disallow other things too. (For example, the name fields were being answered "unknown" so I disallowed that response.)