If your server supports PHP, this Form-mailer script from DB Masters conceals your email address from prying eye email harvesters and it has very good spam controls built into its script -- including hidden field (honeypot) which traps spam bots before the script executes.
Rick, your idea is how many forms/scripts implement checks for human response. Of course if you want real Captcha, you don't need to pay - there are plenty of free solutions out there. Honeypot is another effective method for defeating bots.
Thank you, Nancy --
I took a long look at FormM@iler, as it has an impressive array of features...and one show-stopper. It is developed in such a way that every field used in a form must be explicitly defined in the PHP file. That is way too inflexible for us, ultimately promising to create more work and effort than the trouble we are addressing.
Any other ideas, though, I'm all ears...