Hello,

Are there any good ways to prevent spamming that uses form to email to do so, and not blocking the form to email function completely?

Thanks.

We use Jmail usually - that seems to help. PHP also has a form handler

there been recent fixes for formmail to prevent spamming via it.

make sure u run the latest version

The easy answer to the question is two fold.

Make sure access is restricted to your Domain name.
@referers = ('yourdomain.com');

Sanitize the Form input.
# parse input (POST)
read(STDIN, $input, $ENV{'CONTENT_LENGTH'});
@pairs=split(/&/,$input);
foreach $item(@pairs)
{
($key,$value)=split (/=/,$item,2);
$value=~tr/+/ /;
$value=~ s/%(..)/pack("c",hex($1))/ge;
$value=~ s/<!--(.|\n)*-->//g;
$data{$key}=$value;
}

# parse input (GET)
$query = $ENV{'QUERY_STRING'};
@pairs= split (/&/,$query);
$qstring='';
foreach(@pairs){($key, $value)= split (/=/,$_); $data{$key} = $value;}


The above is for cgi/perl scripts and I'd imagine similar coding is used for PHP.

The actual code may not be familiar but the Terms "restricted access & sanitize input" are quite common in the Industry. Always make sure to find out, if those two are included in any script. Then you'll know you have one that is pretty secure.