Third, do they fill out a hidden inputbox? This is sort of the reverse captcha.
This is really a very good test. As others have mentioned in this thread, it's the sort of thing that spammers will circumvent if it becomes widespread, but for now it's great.
There's something else I've found to be really quite effective: deliberately misnaming my form fields. For instance, give the input field that's labelled "First Name" an input name of "phone number." Humans don't use input names to determine what text to enter, but spambots do. Then check that inputâ"if the first name field contains a phone number, you know you've got yourself spammer.
I've used solely the combination of these two things to run one of my websites for two years now, and I get a vanishingly small amount of spam.