Thanks for the excellent plugin! Has been working for a year without many spams getting through.
A way to help NoSpamNX catch possibly even more spam is to add a timestamp check to the forms to see they were not filled in milliseconds. This has the purpose of catching bots that are smart enough to leave the hidden fields empty.
The only way a bot can get around these both is to implement a delay. Forcing bots to do this by adding the timestamp check in NoSpamNX is a good thing to do because it slows done the rate at which a bot can fill up forms. So even if the bots would eventually get around even this feature, it would still be a net benefit as there would be less spam overall.
This was inspired by Drupal's Honeypot module: http://www.midwesternmac.com/blogs/jeff-geerling/introducing-honeypot-form-spam
NoSpamNX could also be tagged as honeypot. One WP plugin page the link to
comment_form documentation is
http://is.gd/1lezf) including a likely unintended closing bracket
). Interestingly is.gd recognizes and strips it, since the redirection works. A nicer solution is to make a proper HTML-formatted link that targets the page without any redirection.