From experience, a form opens a whole new can of worms. There are not just spammers out there but also people that simply love to be destructive and annoying. Even a simple form where they enter an email address and click ‘contact me’ allows them to ask you to contact someone else - a bit like ordering a pizza delivery for someone that annoys you - or they can simply contact you multiple times and fill up your inbox.
Forms that allow people to send a message open you up to code injection and you have to protect against that - and forms attract spam.
I use a contact form, but probably 75% of the code is anti-spam and anti-injection, and even then you run the risk of missing or deterring valid enquiries.
I find that people do still scan for email addresses, but simply making it a bit more difficult makes a big difference. As you say, ‘me at mydomain’ helps, as does an image, but some spammers have code that decrypts images. I find simply doing something different will help, like ‘Please contact John Smith @ our domain name’ goes a long way (and I mean the actual words ‘our domain name’, not the domain name itself). If you do it in a clever way it is still clear to a person and not worth a spammer developing new code to interpret the real email address.
As a golden rule, avoid using ‘mailto’ and also avoid common email names like ‘contact’ or ‘sales’ or ‘info’ because spammers will try all these @yourdomain - use something like ‘welcome’ or ‘hello’ or ‘hi’ or ‘tell-me-more’.
You will never avoid all spam but a bit of clever thinking will go a long way. You will still get spam from people you enquire to that then sell on email addresses and there is nothing to stop people manually typing your email address into a database for future use or sale.
Also analyse your spam - don't just chuck it in a spam folder or delete it; often the subject, content or sender email from the spam will give you valuable clues on how to block it.
Just for your info, my contact form checks the number of words in the content (many spams contain only one to three words). It also checks the time it takes to complete the form, since a real user would take maybe 10 seconds or more whereas a robot will complete it in under 2 seconds. It also has hidden fields called ‘email’ and ‘comments’ which a robot will fill in but a person can’t. The spam level is then calculated and, if above a certain level, the message is sent to a spam account with analytics on hidden fields completed and time taken to submit. I do not use captcha or re-captcha images as I feel this complicates things for the sender and can put them off enquiring. Even the thank-you message is tailored, so if it is detected as spam - the thank-you message comes from Stephen Pam - get it? - S Pam! So even if it is flagged as spam the spammer does not know, so can’t amend their algorithm.
This means it is easy and invisible for genuine people, my real inbox does not get cluttered, I can analyse the spam to tweak my detection rules, and I can still read any spam with a low rating so I do not miss any valid enquiries.
Good luck!
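
The scoring approach described in the post above, as an added example that is not the poster's own code: it combines the hidden ‘email’ and ‘comments’ fields, the 2-second and 10-second timing figures and the one-to-three-word check into a spam level and a routing decision. The real field names (`reply_to`, `message`), the weights, the threshold and the HMAC-signed render timestamp are assumptions added for the illustration.

```python
import hashlib
import hmac
import time

# Assumed (not from the post): the real field names "reply_to" and "message",
# the weights, SPAM_THRESHOLD and the signed token. The honeypot names and the
# 2 s / 10 s / three-word figures are the ones the post mentions.
SECRET = b"constructed-demo-key"      # placeholder; load from server config
HONEYPOTS = ("email", "comments")     # hidden with CSS, so a person leaves them empty
SPAM_THRESHOLD = 50


def issue_token(now=None):
    """Timestamp the form render; the HMAC stops a client forging an older time."""
    ts = str(int(time.time() if now is None else now))
    mac = hmac.new(SECRET, ts.encode(), hashlib.sha256).hexdigest()
    return f"{ts}.{mac}"


def elapsed_seconds(token, now=None):
    """Seconds since render, or None if the token is missing or tampered with."""
    ts, _, mac = (token or "").partition(".")
    good = hmac.new(SECRET, ts.encode(), hashlib.sha256).hexdigest()
    valid_ts = ts.isascii() and ts.isdigit()
    if not valid_ts or not hmac.compare_digest(mac.encode(), good.encode()):
        return None
    return (time.time() if now is None else now) - int(ts)


def score_submission(form, now=None):
    """Return (score, route, analytics) for one submitted form dict."""
    filled = [name for name in HONEYPOTS if form.get(name, "").strip()]
    took = elapsed_seconds(form.get("token"), now)
    words = len(form.get("message", "").split())
    score = 40 * len(filled)          # a robot fills fields a person cannot see
    if took is None or took < 2:
        score += 40                   # forged token or robot-speed submit
    elif took < 10:
        score += 15                   # faster than a typical person
    if words <= 3:
        score += 30                   # one to three words is typical of spam
    route = "spam" if score >= SPAM_THRESHOLD else "inbox"
    return score, route, {"honeypots": filled, "seconds": took, "words": words}
```

A single weak signal stays under the threshold and still reaches the inbox, which matches the post's point about not losing valid enquiries with a low rating.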