For TYWYK I wanted to prevent spam early on, but still allow anyone to post. I chose using a CAPTCHA. I'm using Jason Perry's ReCAPTCHA plugin which uses ReCAPTCHA.
It's pretty straightforward. Just read the README and all the comments on agilewebdevelopment and you should be good to go!
Only gotcha that I ran into was making the ReCAPTCHA match the design on my submit page. Took me awhile to find this, but basically I had to just copy/paste the HTML and manually insert my public key INSTEAD of using recaptcha_tags.
- Custom theming your ReCAPTCHA: http://recaptcha.net/fastcgi/demo/customtheme
- Other security and CAPTCHA info for Rails: http://www.quarkruby.com/2007/9/20/ruby-on-rails-security-guide
