You can find a lot of ways to prevent spam from your site these days but I've really tested this method and it has been 100% effective (so far). It will stop automatic bots but a human will be able to work out how to get around it pretty easily (but when do humans have time to do that).
To begin with: this script is written in PHP but you can easily translate it.
- $_SESSION["spam_prevention"] = '1';
First off, on the page with the form to email to you, declare a unique session variable on this page with any value you want. Why? So when the user submits this form to the script that sends the email, you know the user definitely came from the page with the form, and it's not a bot attacking your email script. So before your email script, test to see if $_SESSION["spam_prevention"] exists.
- <input type="text" name="spam_prevention"
- style="display:none; visibility:hidden;" />
Another method is to put a text field on your form and hid it with CSS. 99.9% of the SPAM bots out there will disregard any CSS styles, and at the same time the SPAM bots will fill out every field within your form. So if this field is filled out, it's a good guess that it wasn't a human that filled it out.
This isn't bullet proof, but it works quite well and it doesn't require the user to fill out any spam prevention captcha fields etc.
Let me know how you go with this script if you try it.