What's the latest defense against comment spam submitted by BOTS into a comment form?

What's the latest easy and simple defense against comment spam? mybigdata.co.uk has a contact form and BOTS submit spam as a message. The solution will be something else than captcha as other businesses also don't use it.
Jack McKenzieChief Executive Officer http://mybigdata.co.ukAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
Can take a look at CleanTalk that is a free anti spam plugin which work with the premium Cloud AntiSpam service cleantalk.org.

A visitor writes a comment or registers
Anti-Spam by CleanTalk plugin sends action parameters into the CleanTalk cloud
Service analyzes the parameters
If this is a visitor, the comment will be published. If it’s a spam bot, then CleanTalk blocks this comment or registration.
Parameters are written to the spam log which can be viewed in the Control Panel service.
easier would be to have a plugin that connect to such check services and you have capability to configure the defence.
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Check out Anti Spam Bee also. This plugin uses non-intrusive Bot scanning + then flags the Bot IPs for Fail2Ban to block using iptables.

If you have a huge amount of spamming IPs, Anti Spam Bee solves the problem with near zero server load, since IPs are blocked at Kernel, rather than running through the entire LAMP Stack + WordPress to do blocking.
Dr. KlahnPrincipal Software EngineerCommented:
If the host is running Apache, look into mod_spamhaus, mod_sorbs and mod_honeypot.
Jack McKenzieChief Executive Officer http://mybigdata.co.ukAuthor Commented:
It's Java (Tomcat)
btanExec ConsultantCommented:
I am thinking even cloud security service or Web app Firewall
Existing solutions offer little to no protection against Spamdexing attacks since they rely mainly on IP reputation-based detection, which can lead to more false positives......WAF offers a better solution in that it collects URLs which repeat in high volumes in various web applications, and correlates them with the IP reputation ratings of clients to accurately detect a spamdexing attack.

That said, there is no panacea too but can scale up to be cope with the changes in  spambot
We won't catch all spammers or attackers, unfortunately, but the good news is that the system gets smarter the more the community flags specific behavior.
and back to basic to block source if that can be identified https://support.cloudflare.com/hc/en-us/articles/200170066-Will-activating-Cloudflare-stop-all-spammers-or-attackers-

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Development

From novice to tech pro — start learning today.