You can try:
1) adding the security question field as well as CAPTCHA... it asks questions like "is lava hot or cold?" and it is actually harder to get through than a CAPTCHA field.
2) Require login for submission. No bots can get past a login. Then you would only potentially get submissions from people that go through registration and login to send the message.