SPAM ALLOWED THROUGH FORM EVEN THOUGH FORM HAS CAPTCHA FIELD

STARTED GETTING LOTS OF SPAMP THROUGH CONTACT FORM , like to nip in bud before it becomes a serious issue.
can any thing be done

It looks like they would have to fill out the CAPTCHA to send email. How many did you get. Is it possible it is still a human filling it out?

20 -30 all from mail.ru email accounts,

It could be someone manually filling it out that many times, in which case CAPTCHA won't do much. You could also add validation to prevent .ru accounts from sending.

Not sure of coding required or where to put it, are there any samples available so I can implement this filtereing
Any help is welcome

You can just add a server validation with a regular expression validation on the email field to prevent anything that ends with .ru.

One possible regular expression that should work is:
/(^([^@\s]+)@((?:[-_a-z0-9]+\.)+(?!(?:ru)$)[a-z]{2,})$)|(^$)/i

Hi Ray, I was going to ask the same question if robots can overcome captcha validation. I have a lot of mails coming from .ru accounts, I implemented captcha validation and I still have the same amount of spam from .ru accounts.

You could try changing fonts or adding more distortion. I suppose it is possible that a screen reader could read the CAPTCHA. You could try adding the "Simple Question" fields or a honeypot which might be more difficult to get passed. I'm not sure why they would be spamming your form with a robot to begin with. I can't imagine what they would accomplish by doing that in the first place.

How often does it happen? Are they multiple per second? That would imply a robot, or is there always a time gap between sending? That might imply it is a human. You could try to track the IP address and block it, or add validation based on the email address as well.

I've never had a spam issue with sites I've set up with CAPTCHA, but that doesn't mean it isn't possible that you are. It would take research and tests to really determine how or better yet why someone would spam your form.

The mails have a gap of time of minutes or hours, they are promoting porn sites and celebrity pictures. I will try adding more distortion to the captcha image, but if they aren't robots I think there is not much to do.

Thanks for info
As the form does not check the actual address is valid so fictitious address could b EE used when validation fails
Is there any way of validating at the time of submission there by fooling the author into thinking it had worked