There is no perfect spam protection. The most suitable approach is likely Recaptcha or HCaptcha with all known problems to privacy, accessiblity or local issues as you mentioned them.
Nowadays, we use collective.easyform for all kind of contact forms. In some case we use a simple question with a simple validation (limited to one question and one answer). Or you could use this as additional norobots fields in easyform:
Also using a form honeypot is easy to implement and works in most cases:
But as said: no solution is perfect and there are always issues and ways to work spam protection measures.
More sophisticated approaches might tracking of requesting IP address, request throttling...