On 10 Sep 2009, at 04:50, Joel Canfield wrote: > > > How? Why? What logic error have I made which is allowing random > spammers to > access the back end, sending us trash emails, bypassing my logic? as Roberto said, the hidden field obviously is sent easily, *but* the input for your spambot test question isn't even being tested… and to make that work properly, test for it, and also make the question random in the form. so the form posts a series of randomly chosen easily answered questions, and then check the contant of that form in the processor against your array of possible answers. that will make it slightly harder for spammers to send form content to the processor directly - they won't know which questions you're using today and which answers are correct….