Maybe you can use http://ez.no/community/contribs/datatypes/datatype_ezcaptcha
or http://ez.no/community/contribs/datatypes/antispam . I haven't tried them and I don't know whether they work with the newer eZpublish versions, but they might at least give you a hint on how to achieve spam protection.
You might want to try using the texttoimage template operator - where you generate a random text string in the template, display it as an image, and pass it to the next template. If the user doesn't enter the displayed image value (the random text), you can discard their post. You would have to add a text input to pass the entered value to the next template, and use ezhttp to get that value.
I have never done this - but I think it would work.
I've tried both contribs. I am using the antispam datatype from Hans now, it works perfect (tested at 3.8.x). The ezcaptcha datatype needs some PEAR libaries installed.