How to stop spammers to fill website contact/inquiry forms?

If your email inbox is being flooded with spam from your website’s contact/inquiry form then you may control similar spam by installing Captcha on your all website forms.

Install Google reCaptcha on website contact/inquiry forms:
The technology is used mostly to block spammers and bots that try to automatically harvest email addresses or try to automatically sign up for or make use of Web sites, blogs or forums. CAPTCHA, whose users include Yahoo and Google, blocks automated systems, which can’t read the distorted letters in the graphic. In order to keep out spammers, a CAPTCHA has to effectively test if you are human or machine. Computer scientists figured out that one of the easiest ways to do that is to use images of language. In order to deceive spammers, the images of language take randomly generated text and manipulate the image, so that a human can barely read it, but a computer trying to take a picture of it cannot.

Google reCaptcha jQuery validation can not stop spamming completely, bots can easily bypass jQuery validation and can submit form to server without any browser interaction(as javascript can be disabled easily from any browser). So whenever you add reCAPTCHA to a website make sure you are validating through PHP. When a user validate reCAPTCHA an input parameter will be passed to server with name ‘g-CAPTCHA-response’. If this field is not posted with the form then you need to prevent email from sending.

You can follow below link to know more about validating google reCaptcha through PHP.

In order to implement honeypot technique we add a hidden text field in form, we will validate it though PHP. If hidden text field contains data then it will be filled by bots, so in this case we need to prevent email from sending. So whenever a form is submitted by user honeypot (hidden text field) will be empty, but if it is from bots/spammers it will always contain data.

You can follow below link to know more about Honeypot.