HTML form authentication to prevent spam / POST attacks

I am wondering if there's a good solution for preventing automated form submissions / POST attacks.

Would it be possible to add a form field with a token generated server side that would be unique for each form displayed on the site, but with a way to check if this token was indeed generated by my app and not by user, without having to save all tokens to a database?

IMO if app can know that data comes from a form generated by the app (meaning that it used logic only known to the app), than it would go on to process form.

Any suggesting for such an algorithm?

EDIT: In other words, can I generate a string that:

1) when I receive back, I can recog开发者_StackOverflow社区nize as string that I generated,

2) know that it's been used only once,

3) would take user too many attempts to generate such string on the client side,

4) this string does not have to be persisted by the application

You'll probably be interested in Hashcash. I tried to cheat on a blog by multiple voting some comment, but I gave up when I saw that this method is a bit complicated for humans to generate that values.