does your form save the information to a database?
if so, add a column to the table to store the users IP address. in the insert behavior, bind the new IP column to the REMOTE_ADDR binding from the server collection.
once you know the IP address of the problem user, you can ban them using PHP on your site, seer the following page for details:
how-to-block-ip-addresses-with-php/