I remember a few pages that sed some stupid captcha like "please write the word orange" or "please calculate 204+109". It was a static value, so it was trivial to program. For not very popular blogs, it was good enough (a long time ago).
Also, other blog has a hidden field, that should be empty, but bots like filling all fields.
I'd try those stupid tricks, and if they fail I'd try to put Spambayes as a filter. It was nice because it has good/bad/unusual, and you may like to take a look at unusual stuff to detect false positives. (I'm not sure if there is a better alternative to Spambayes. I used it like 20 years ago.)
Thanks for the suggestions! About simple custom captchas, they are easily bypassed but effective enough for smaller sites.
I've got the honeypot field running now and am monitoring how well it catches bots. The email verification should be the strongest barrier of the bunch. Between those two plus the basic captcha, hopefully that covers most automated spam without being too annoying for real users.
Curious to see the results over the next week or two.
Also, other blog has a hidden field, that should be empty, but bots like filling all fields.
I'd try those stupid tricks, and if they fail I'd try to put Spambayes as a filter. It was nice because it has good/bad/unusual, and you may like to take a look at unusual stuff to detect false positives. (I'm not sure if there is a better alternative to Spambayes. I used it like 20 years ago.)