Fighting Spam – Protect your forms
Thursday, October 18th, 2007
Everyone knows what spam is. We all get unsolicited emails every day, and dealing with spam has never been a bigger battle.
Having a website with any type of form means you have opened a gate for spam.
Trying to close that gate and keep it closed is, for some people, a full-time job.
Below are some solutions that I found helpful:
1. Set a variable that will hold a number, let's say 6.
Set up a session on form submission and increase the count by one each time the form is submitted by the same user, then check whether the count is equal to or greater than the variable you have set. If it is, display a message or redirect.
This is useful on contact forms.
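As an added example (not the post's own code), here is what that per-session counter looks like in PHP. The session key, the limit constant and the 429 response are my own choices; the form field handling is left as a placeholder.

```php
<?php
// Added example: a per-session submission counter for a contact form.
// The session key 'form_submissions' and MAX_SUBMISSIONS are assumptions.
session_start();

const MAX_SUBMISSIONS = 6; // the "variable that holds a number, let's say 6"

// Increment this session's counter and report whether the limit is reached.
// Passing the session array by reference keeps the function easy to unit test.
function record_submission(array &$session, int $limit = MAX_SUBMISSIONS): bool
{
    $session['form_submissions'] = ($session['form_submissions'] ?? 0) + 1;
    return $session['form_submissions'] >= $limit;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (record_submission($_SESSION)) {
        // Limit reached: show a message (or header('Location: ...') to redirect).
        http_response_code(429);
        echo 'Too many submissions from this session. Please try again later.';
        exit;
    }
    // ... normal contact-form handling (send the email, etc.) goes here ...
    echo 'Thank you for your message.';
}
```

With the default limit of 6, the first five submissions in a session go through and the sixth is refused. The counter lives in the session, so a client that discards the session cookie starts fresh each time; treat this as a cheap brake on unsophisticated scripts and combine it with the server-side checks below rather than relying on it alone.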
2. On any other type of form, like search, check that the submitted field values do not contain an email address.
This can be done easily.
e.g. using PHP:
// preg_match() with the /i flag replaces the original eregi() call, which no longer exists in PHP 7+.
if (preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i', $_GET["field_name"] ?? '')) {
    echo "You are not going to find an email address in the products table. Get real.";
    die();
}
3. Limit the amount of data a user can type into a form field by using the input attribute maxlength="50".
You'll be surprised how much you can type into an input field that has no maxlength applied.
e.g. If you have a qty. field for a product to be added to the shopping cart, you can limit the input to 3 characters: maxlength="3".
Who would buy more than 999 products at a time?
4. A few months ago I was getting a lot of registrations on one of my websites. Looking at all those new customers I noticed a similarity.
The first name and last name plus some other fields had exactly the same values, so I created a function that checks the form for duplicate values:
if ($x_first_name == $x_last_name) {
    // here I add the IP address to the ban table,
    // then email all the form values to myself,
    // just in case there was a mistake
}
It worked for me very well. I managed to collect a few IPs in the database, and until now none were for real.
5. Never trust JavaScript (client-side) for form checking. Always do further checking on the server side (PHP, ASP, …).
6. Always check that the submitted values contain exactly what you are expecting.
e.g. If you are looking for numbers, then make sure you only get numbers.
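Items 3 through 6 all come down to the same thing: the server re-checks every field regardless of what the browser did. The following is an added example (not the post's own code) that puts those checks in one validator: a digits-only quantity capped at 3 characters (the server-side twin of maxlength="3"), a length limit on the search field, the email-address test from item 2, and the identical-fields test from item 4. The field names, error messages and the two sample submissions are constructed for the example.

```php
<?php
// Added example: server-side validation mirroring items 2-6 of the post.
// Field names (qty, search, first_name, last_name) and messages are assumptions.

// Item 6: a quantity is 1 to 3 digits and at least 1, nothing else.
function valid_qty(string $qty): bool
{
    return ctype_digit($qty) && strlen($qty) <= 3 && (int) $qty >= 1;
}

// Item 2: true when the whole value is shaped like an email address.
function looks_like_email(string $value): bool
{
    $pattern = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i';
    return preg_match($pattern, $value) === 1;
}

// Item 4: several fields carrying the identical (non-empty) value.
function has_duplicate_values(array $fields): bool
{
    $values = array_map(fn($v) => strtolower(trim((string) $v)), $fields);
    $values = array_filter($values, fn($v) => $v !== '');
    return count($values) !== count(array_unique($values));
}

// Validate one submission; returns a list of error strings (empty means OK).
function validate_submission(array $input): array
{
    $errors = [];

    if (!valid_qty($input['qty'] ?? '')) {
        $errors[] = 'qty must be a whole number between 1 and 999';
    }

    $search = $input['search'] ?? '';
    if (strlen($search) > 50) {               // item 3, enforced on the server
        $errors[] = 'search is limited to 50 characters';
    }
    if (looks_like_email($search)) {          // item 2
        $errors[] = 'search must not be an email address';
    }

    if (has_duplicate_values([$input['first_name'] ?? '', $input['last_name'] ?? ''])) {
        $errors[] = 'first and last name are identical';
    }

    return $errors;
}

// Constructed sample submissions, not real traffic.
$legitimate = ['qty' => '12',   'search' => 'blue widget',
               'first_name' => 'Ana',   'last_name' => 'Silva'];
$suspect    = ['qty' => '1000', 'search' => 'someone@example.com',
               'first_name' => 'Qwert', 'last_name' => 'Qwert'];

print_r(validate_submission($legitimate));
print_r(validate_submission($suspect));
```

The first submission passes cleanly; the second trips the quantity, email and duplicate-name checks at once. Run the validator on every POST before anything touches the database or sends mail, and treat maxlength and any JavaScript checks purely as a convenience for honest users.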
7. Use Captcha Security to prevent automated submissions.
A good example here: Captcha Security
:::::::::: more will be added on as I find them ::::::::::::