That's pretty much the same approach we've taken. We recently switched away from formmail.cgi for just this reason, and replaced it with a php-based alternative that avoids perl entirely, testing every message for the presence of http or https. -----Original Message----- From: thelist-bounces at lists.evolt.org [mailto:thelist-bounces at lists.evolt.org] On Behalf Of r937 Sent: Friday, September 28, 2007 12:11 PM To: thelist at lists.evolt.org Subject: [thelist] how to stop email form spam in addition to all the other techniques suggested, do a quick search of the form fields to look for the string of characters "http://" if my script finds that in one of my form fields, it sends back a 403 Forbidden rudy http://r937.com/ -- * * Please support the community that supports you. * * http://evolt.org/help_support_evolt/ For unsubscribe and other options, including the Tip Harvester and archives of thelist go to: http://lists.evolt.org Workers of the Web, evolt !