Msg#: 4404 posted 12:43 pm on Mar 14, 2006 (gmt 0)
This has been reported much in the last couple of weeks. Pretty much an easy way to stop the vast majority is to ensure your form is not processed unless it is submitted through only your site(s).
Probably the most popular email script to handle this is Matt's email script. Search that and by using it you'll find parameters for allowable domians, if it is not from one of these allowable domains, it doesn't run. There are ways around it but it works most of the time.
rainborick is right, make sure that original script is moved or removed. I will also say I played around with escape sequences for form fields and to/from addresses and have not found a single instance where the scrapers parsed it correctly and hence the script wouldn't run. Search 'script encoders', there's plenty of free ones out there. i.e. Encode key parts of the form. I tested several for compatibility between browers and you can sticky me for the one I use if you wish.